General
Target: 2024-03-14_654946c5af63a955cbb4836fb4b01e90_cryptolocker
Size: 86KB
Sample: 240314-s224gsfh31
MD5: 654946c5af63a955cbb4836fb4b01e90
SHA1: 760bc71622ea30d6437dd7f0c1d4bf56bfb7b085
SHA256: 45549e88ede5114340b538d6f46817a86d1ff99ef968ee36129c411d80c15477
SHA512: cead2aafaa1d90db81b76b85ad2579b65063416ecf64bcdc9d69f8ff2cb4da5c6ece0115617257831996d749442a54e67e617608ec3c617aa0e7d9a0805779cf
SSDEEP: 768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIgj6J:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgi
Behavioral task: behavioral1
Sample: 2024-03-14_654946c5af63a955cbb4836fb4b01e90_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-14_654946c5af63a955cbb4836fb4b01e90_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-14_654946c5af63a955cbb4836fb4b01e90_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL