General
Target: 2024-03-06_91db5df5ae4740ea83a2f14492e88dea_cryptolocker
Size: 126KB
Sample: 240306-gzrn7acg5v
MD5: 91db5df5ae4740ea83a2f14492e88dea
SHA1: ba7816ba8779e2bf6ad2e29429c8cf32e2f6ccf0
SHA256: 76fa8b190bd4ddfe746536a19398c2a1602e23ce246cc5a40c9d9b759c0a318e
SHA512: f92fd06847d4d72664928b9020bd3ad7c85c3c8397f6a8fe12e8a44038c65e1001af01350791a73e398f1a79a8c8dbbff7eb31df3ccdad5d408e086274541eb9
SSDEEP: 1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eIEm:AnBdOOtEvwDpj6zE
Behavioral task: behavioral1
Sample: 2024-03-06_91db5df5ae4740ea83a2f14492e88dea_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-06_91db5df5ae4740ea83a2f14492e88dea_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-06_91db5df5ae4740ea83a2f14492e88dea_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL