General
-
Target
2024-02-23_531b1f068781d8d656db25dae5a04895_cryptolocker
-
Size
88KB
-
Sample
240223-sdvz9sce8x
-
MD5
531b1f068781d8d656db25dae5a04895
-
SHA1
15b4a519f48dc903dbe6eb197e3a4b21872c915f
-
SHA256
b6eff88fe5c80a21524ddf67a0f68529fb648196eada34849898094e2bda086f
-
SHA512
fcaee05173c711b3e2a16a625b11158a47bc7f37b4104e77dc134adbd66adf1a1aabda578c53940a10092ef758f0c6dd217433bbc515577f888b220265724db5
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgL9:AnBdOOtEvwDpj6zF
Behavioral task
behavioral1
Sample
2024-02-23_531b1f068781d8d656db25dae5a04895_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-02-23_531b1f068781d8d656db25dae5a04895_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-23_531b1f068781d8d656db25dae5a04895_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-