General
-
Target
2024-03-15_9cc0d5d086f789dfd2fc4fbd5232d0d3_cryptolocker
-
Size
87KB
-
Sample
240315-q7xd3saa8z
-
MD5
9cc0d5d086f789dfd2fc4fbd5232d0d3
-
SHA1
f9ae0fc38db2cb5579da7079b4d0dfcf4c3bf21f
-
SHA256
5072b322649fd2ba89220ab24448035fa1db78a19705cc9e4b40c48c1a8ea65f
-
SHA512
56a536ad529ccad5a66b2c4291993fd715ee4c8a030289ae46644e35e048757ac9b28027ce5fcd02a73f84c207eba623cdbb11e7b24a3e67312e913ef3c9de79
-
SSDEEP
768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIJ/q:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgn
Behavioral task
behavioral1
Sample
2024-03-15_9cc0d5d086f789dfd2fc4fbd5232d0d3_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-15_9cc0d5d086f789dfd2fc4fbd5232d0d3_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-15_9cc0d5d086f789dfd2fc4fbd5232d0d3_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-