General
-
Target
2024-04-15_c86e753ecd2712a2f05f6a6291278235_cryptolocker
-
Size
36KB
-
Sample
240415-l8qkpsca28
-
MD5
c86e753ecd2712a2f05f6a6291278235
-
SHA1
64ca7fd4b10cee49ab9c334bc427a7b207a9bcd6
-
SHA256
c7266d9f4a78f8871d9a56f7be6e9de591fe27c233e299836a43fa6b40b13c82
-
SHA512
7b15efb19a4edc8c04e22b1621ec576b877369c1a5fc2a943fbe2c4724cdb08ac872415d48b56a7d65ef72e28119fa4a3528104257d2b400a9669bf6cbda942b
-
SSDEEP
768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axKp:qUmnpomddpMOtEvwDpjjaYaq
Behavioral task
behavioral1
Sample
2024-04-15_c86e753ecd2712a2f05f6a6291278235_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-15_c86e753ecd2712a2f05f6a6291278235_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-15_c86e753ecd2712a2f05f6a6291278235_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-