General
-
Target
2024-03-07_bb2163730d218ecd5129e2159049bd6f_cryptolocker
-
Size
88KB
-
Sample
240307-bdnshsce97
-
MD5
bb2163730d218ecd5129e2159049bd6f
-
SHA1
e9c17d5890f92f809b4b9ec9c4745ac66217364c
-
SHA256
8d6b3834c8d4c74a21533dc6744732b41c0cc9bee7b68dea1244e063064dd050
-
SHA512
89ca4ff2ae32c53372020c0f33226fd1fb7420e5821b268cb9d4fb804df5ed4232355ece760ce725f0e08ac1dd8368a1a6a7ad049c3a1d0db122602c81e324c1
-
SSDEEP
768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIJY/vG:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgC
Behavioral task
behavioral1
Sample
2024-03-07_bb2163730d218ecd5129e2159049bd6f_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-07_bb2163730d218ecd5129e2159049bd6f_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-03-07_bb2163730d218ecd5129e2159049bd6f_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-