General
-
Target
2024-03-25_22bc849d2c3d87f5a8c7d90ad9ab2e5e_cryptolocker
-
Size
109KB
-
Sample
240325-y743xsha39
-
MD5
22bc849d2c3d87f5a8c7d90ad9ab2e5e
-
SHA1
aa55802a7f9f243e325fb0238a9b9117aab6064c
-
SHA256
57819079800d0ab0197750bbd36b9d21ac228585a9fd4e5b571303c8441c59f0
-
SHA512
9be5bd43241437de615ae155f6d19095cccedb2c5510d42dc916304c326303a5e4bc59f1d613cf378078668af3a2e6c1be9f21a77f47ae685870874657227588
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6Gkszf+:1nK6a+qdOOtEvwDpjS
Behavioral task
behavioral1
Sample
2024-03-25_22bc849d2c3d87f5a8c7d90ad9ab2e5e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-25_22bc849d2c3d87f5a8c7d90ad9ab2e5e_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-25_22bc849d2c3d87f5a8c7d90ad9ab2e5e_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-