Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-15_32dbb436a5a2c1406ae580f383d9d763_cryptolocker
-
Size
32KB
-
Sample
240315-g6r9ashh8x
-
MD5
32dbb436a5a2c1406ae580f383d9d763
-
SHA1
d8b3f233bfca6562caf4adf48f24e007932630b8
-
SHA256
96c5fc81ecad2bc2cb55dc65a5034a9341df4abd53e57f44cb6f694ae0bfee09
-
SHA512
75ad04dd3dcbcb6ee7fec2ca3694d0b4281fb5195d323e9e17d0c5eefc8ad4b653d739bdb2057af6dd18676271982b254d9702d62ee08cbede7477752f1fb6c8
-
SSDEEP
768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHbjN:q0zizzOSxMOtEvwDpj/arql
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-15_32dbb436a5a2c1406ae580f383d9d763_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-15_32dbb436a5a2c1406ae580f383d9d763_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-15_32dbb436a5a2c1406ae580f383d9d763_cryptolocker
-
Size
32KB
-
MD5
32dbb436a5a2c1406ae580f383d9d763
-
SHA1
d8b3f233bfca6562caf4adf48f24e007932630b8
-
SHA256
96c5fc81ecad2bc2cb55dc65a5034a9341df4abd53e57f44cb6f694ae0bfee09
-
SHA512
75ad04dd3dcbcb6ee7fec2ca3694d0b4281fb5195d323e9e17d0c5eefc8ad4b653d739bdb2057af6dd18676271982b254d9702d62ee08cbede7477752f1fb6c8
-
SSDEEP
768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHbjN:q0zizzOSxMOtEvwDpj/arql
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-