General
Target: 2024-02-27_c21a4f54ce5b46d8b7bb9ea0bcdc815e_cryptolocker
Size: 93KB
Sample: 240227-zns2zsbd6v
MD5: c21a4f54ce5b46d8b7bb9ea0bcdc815e
SHA1: 0a8760a5eae373622ef956c417cb99b44094e094
SHA256: 1bb9a0fb82f02d4508917cb22e6028379b83356cc30b99c50c6a046af62b23ff
SHA512: 54f9fc25b5d0626c11a791142162af61daca70fb58209918702f39c29c66a2d9a8bc8f9a5b5275549fc58a56b67a54fef8360e984c1bbe3387569a8a0dee7770
SSDEEP: 1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/f:zCsanOtEvwDpjBf
Behavioral task: behavioral1
Sample: 2024-02-27_c21a4f54ce5b46d8b7bb9ea0bcdc815e_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-02-27_c21a4f54ce5b46d8b7bb9ea0bcdc815e_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-02-27_c21a4f54ce5b46d8b7bb9ea0bcdc815e_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL