Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-14_87b1503a535c46e9d922a38c99c1e38d_cryptolocker
-
Size
62KB
-
Sample
240314-ntrkkadc69
-
MD5
87b1503a535c46e9d922a38c99c1e38d
-
SHA1
9f810de8410021bb5358096e68f2dc3097e768ba
-
SHA256
7acb7a1cdd8e9ff3c7f4892b28188a069490ff518dd7c080236d3c1b21ce76b6
-
SHA512
2088a4fbea5763e58f6717405234c832bf8c4833413336bfd20a48eb6e760cc084edb8e79c989307e7be47040b2f7eba600e70662c8e1dc1a8a4782d6b5a5671
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgts6S:BbdDmjr+OtEvwDpjM8P
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-14_87b1503a535c46e9d922a38c99c1e38d_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-14_87b1503a535c46e9d922a38c99c1e38d_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-14_87b1503a535c46e9d922a38c99c1e38d_cryptolocker
-
Size
62KB
-
MD5
87b1503a535c46e9d922a38c99c1e38d
-
SHA1
9f810de8410021bb5358096e68f2dc3097e768ba
-
SHA256
7acb7a1cdd8e9ff3c7f4892b28188a069490ff518dd7c080236d3c1b21ce76b6
-
SHA512
2088a4fbea5763e58f6717405234c832bf8c4833413336bfd20a48eb6e760cc084edb8e79c989307e7be47040b2f7eba600e70662c8e1dc1a8a4782d6b5a5671
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgts6S:BbdDmjr+OtEvwDpjM8P
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-