Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-14_034622ef529ee38f1f6f7d1c21417689_cryptolocker
-
Size
49KB
-
Sample
240314-stk51afe8x
-
MD5
034622ef529ee38f1f6f7d1c21417689
-
SHA1
29897c0bff2981f2b3bf437d77f4f28536cc5a07
-
SHA256
3e10ec094f24f5d741182d60158b918d796ce807ac060773631e9c552a81285c
-
SHA512
7afa2173fcd56370641d47a1991938bc55eb898828155446bd96d8e9fef10d25ec1a6048dc34e297bf32264d485b89ad8ed426e9fe87e3b37477478994cc5820
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05WTB52zl:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ6uj1
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-14_034622ef529ee38f1f6f7d1c21417689_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-14_034622ef529ee38f1f6f7d1c21417689_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-14_034622ef529ee38f1f6f7d1c21417689_cryptolocker
-
Size
49KB
-
MD5
034622ef529ee38f1f6f7d1c21417689
-
SHA1
29897c0bff2981f2b3bf437d77f4f28536cc5a07
-
SHA256
3e10ec094f24f5d741182d60158b918d796ce807ac060773631e9c552a81285c
-
SHA512
7afa2173fcd56370641d47a1991938bc55eb898828155446bd96d8e9fef10d25ec1a6048dc34e297bf32264d485b89ad8ed426e9fe87e3b37477478994cc5820
-
SSDEEP
768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05WTB52zl:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ6uj1
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-