Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-08_3ab83bde6989e5dbdad26b9cc684d8ee_cryptolocker
-
Size
61KB
-
Sample
240308-d3tq6sec62
-
MD5
3ab83bde6989e5dbdad26b9cc684d8ee
-
SHA1
eaba23e48769aeba1fbd6e276a010a570e559442
-
SHA256
660e1162eb03dc6c89aa7e2958a8b99af8f9bd99ba402d7fd8d0a8b20f87a707
-
SHA512
9135ef0860cca10d2c4707c5098c4a3348e63f167ed5db89d8756896a25fe46647d7c52bf88e84d3938206791bf4bdd3b0fdd2ffa0cacd21397d20343245d0b1
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgts6j:BbdDmjr+OtEvwDpjM8+
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-08_3ab83bde6989e5dbdad26b9cc684d8ee_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-08_3ab83bde6989e5dbdad26b9cc684d8ee_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-08_3ab83bde6989e5dbdad26b9cc684d8ee_cryptolocker
-
Size
61KB
-
MD5
3ab83bde6989e5dbdad26b9cc684d8ee
-
SHA1
eaba23e48769aeba1fbd6e276a010a570e559442
-
SHA256
660e1162eb03dc6c89aa7e2958a8b99af8f9bd99ba402d7fd8d0a8b20f87a707
-
SHA512
9135ef0860cca10d2c4707c5098c4a3348e63f167ed5db89d8756896a25fe46647d7c52bf88e84d3938206791bf4bdd3b0fdd2ffa0cacd21397d20343245d0b1
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgts6j:BbdDmjr+OtEvwDpjM8+
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-