General
Target: 2024-03-29_ea25d6e042fbbdbcd53519bfe58bba1d_cryptolocker
Size: 63KB
Sample: 240329-erq2ksaa63
MD5: ea25d6e042fbbdbcd53519bfe58bba1d
SHA1: bbb887bf005d499284ab2e2b1262cb1b7df88e14
SHA256: 61ab4acf8f5df56aeae5bcde1df99ccff9923ddb63a4a4605be30b67115319d0
SHA512: 9a9bbc9067d3cf2dddf4ee89d9eebf88aaa1dcd52b0f904971f00e92ab0285c8b35c68dfc3a46eb6b986529aec5d35787a636436681fe2adefa114baac021726
SSDEEP: 768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mnVwfX7:zj+soPSMOtEvwDpj4kpmeLmnw7
Behavioral task: behavioral1
Sample: 2024-03-29_ea25d6e042fbbdbcd53519bfe58bba1d_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-29_ea25d6e042fbbdbcd53519bfe58bba1d_cryptolocker.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-29_ea25d6e042fbbdbcd53519bfe58bba1d_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL