General
-
Target
2024-04-08_6678c103a8b17a22be879b5cc8db29fb_cryptolocker
-
Size
63KB
-
Sample
240408-y93ymsed21
-
MD5
6678c103a8b17a22be879b5cc8db29fb
-
SHA1
0fecfd195045bafbb445c20503af1f79f72c4963
-
SHA256
8efdb20ce0c634ec9e5423f63e509734144c1b38eebca767181b9aaa32fff7df
-
SHA512
0a100f94d7e3f518469eb47630f6a5ff49cd0222170aacdcc4f3012b09710d1be9d62e0f78557337a51e9606e33ed7e6a090b4f26fb40c2e0b444762482ef54f
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mLZ5ScC:zj+soPSMOtEvwDpj4kpmeLmLC
Behavioral task
behavioral1
Sample
2024-04-08_6678c103a8b17a22be879b5cc8db29fb_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-08_6678c103a8b17a22be879b5cc8db29fb_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-08_6678c103a8b17a22be879b5cc8db29fb_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-