Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-24_97d423bfc5d26687fd06f11c68eb3147_cryptolocker
-
Size
117KB
-
Sample
240224-lqbzlaga88
-
MD5
97d423bfc5d26687fd06f11c68eb3147
-
SHA1
0c03e5529c89b50839f15e8a6274bc989bc8df5b
-
SHA256
6397b07471490f59607f2679626dba6561753e93eb263c69a3b17a30ae2f8adb
-
SHA512
06bb65d6f1c592fc7d84bc3a114004244c1be7e2be833937904417104ccd68dff530c38dbbeb4815e834e44aa518dbe4e7e7fd0dbaa2f225f8905a5c40bb55f3
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp01QaA:z6a+CdOOtEvwDpjczW
Behavioral task
behavioral1
Sample
2024-02-24_97d423bfc5d26687fd06f11c68eb3147_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-24_97d423bfc5d26687fd06f11c68eb3147_cryptolocker.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
2024-02-24_97d423bfc5d26687fd06f11c68eb3147_cryptolocker
-
Size
117KB
-
MD5
97d423bfc5d26687fd06f11c68eb3147
-
SHA1
0c03e5529c89b50839f15e8a6274bc989bc8df5b
-
SHA256
6397b07471490f59607f2679626dba6561753e93eb263c69a3b17a30ae2f8adb
-
SHA512
06bb65d6f1c592fc7d84bc3a114004244c1be7e2be833937904417104ccd68dff530c38dbbeb4815e834e44aa518dbe4e7e7fd0dbaa2f225f8905a5c40bb55f3
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp01QaA:z6a+CdOOtEvwDpjczW
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-