Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-28_0246340b9ca915387c85df4645c336ea_cryptolocker
-
Size
57KB
-
Sample
240328-dygaaadf9x
-
MD5
0246340b9ca915387c85df4645c336ea
-
SHA1
f6caeb7b4409bbac8811f3de63f3d9a066a8cfe0
-
SHA256
72a34ac5aabd8009dbee2acd2fdb6be62bfb29fa16e65384e22887c46192ea85
-
SHA512
bb4117d6d8c021fb13435b66f458fa601762b3a72c3781e773c6bc27d3e7c813bf6c2fab15ed0726b98f904de094aa0730a5be9dae9b9d4ad8f33fc2a5866d3f
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj9aYa9mpLI:z6a+CdOOtEvwDpjQP
Behavioral task
behavioral1
Sample
2024-03-28_0246340b9ca915387c85df4645c336ea_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-28_0246340b9ca915387c85df4645c336ea_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-28_0246340b9ca915387c85df4645c336ea_cryptolocker
-
Size
57KB
-
MD5
0246340b9ca915387c85df4645c336ea
-
SHA1
f6caeb7b4409bbac8811f3de63f3d9a066a8cfe0
-
SHA256
72a34ac5aabd8009dbee2acd2fdb6be62bfb29fa16e65384e22887c46192ea85
-
SHA512
bb4117d6d8c021fb13435b66f458fa601762b3a72c3781e773c6bc27d3e7c813bf6c2fab15ed0726b98f904de094aa0730a5be9dae9b9d4ad8f33fc2a5866d3f
-
SSDEEP
1536:z6QFElP6n+gKmddpMOtEvwDpj9aYa9mpLI:z6a+CdOOtEvwDpjQP
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-