General
Target: 2024-03-29_01bb0e22ada23acd462ad3393ebbabdf_cryptolocker
Size: 50KB
Sample: 240329-dyxx2age3z
MD5: 01bb0e22ada23acd462ad3393ebbabdf
SHA1: 6248749a570ad3865627d49e4a8bae9de109547e
SHA256: a262fa7137f55829bb65057fdfa0bcbd91e5f3c40ea136b4432d2541d97ef6f2
SHA512: 1784c486f08e67a15b2aad4c57055927acbef5354d1d11848212ecc8a83499afeee87579c49070ca60b62ccd0c74914cf23aa41220eb87127986e50c928df224
SSDEEP: 1536:nP+4zs2cPszL3MOtEvwDpj4Hy7B3g9CWuAxWLQI:m4Q2ckzIOtEvwDpj4HYv
Behavioral task: behavioral1
Sample: 2024-03-29_01bb0e22ada23acd462ad3393ebbabdf_cryptolocker.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-03-29_01bb0e22ada23acd462ad3393ebbabdf_cryptolocker.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-03-29_01bb0e22ada23acd462ad3393ebbabdf_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL