General
Target: 2024-02-24_e72a0ef66c27e126b8e75230c38d1d38_cryptolocker
Size: 47KB
Sample: 240224-wvsg9abd3w
MD5: e72a0ef66c27e126b8e75230c38d1d38
SHA1: f48ee26cc161524f90167a0b0804fc734b930529
SHA256: 32fda8b49387b8f70a7ae7edd87cbc13c7a1e4d814c06c42f0247022f4bf2b08
SHA512: 61b7311f54804fb7400f5a8b0c34d6f66795aef08cf1f1b412cce3fcd393745532d47a95834b697987e66d33d17f6ae1b82a18906d394726f31d2e92e7343c4e
SSDEEP: 768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mo2p5:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ0
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-24_e72a0ef66c27e126b8e75230c38d1d38_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-24_e72a0ef66c27e126b8e75230c38d1d38_cryptolocker.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Target: 2024-02-24_e72a0ef66c27e126b8e75230c38d1d38_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL