Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-15_d1fbaf2b042a319863342fee1d9e854e_cryptolocker
-
Size
36KB
-
Sample
240415-zs8m8sgc45
-
MD5
d1fbaf2b042a319863342fee1d9e854e
-
SHA1
39182569bb5c4310670884f0e5bdcb9f23815ec7
-
SHA256
099f2c9f341e07bf055d481973759aa2b1f3a86a71ee3817ce046cd11712c894
-
SHA512
ce3ec0b6bf7c4e81008795f1b302bbe8a0671f1f77061f9f3d31bf0e079c08e75f3e9aec06aaeba68c054fe2e5adb8cceb32512c4161df414b519cd53f7aa357
-
SSDEEP
768:b7W5A8WtijKeOcfXor3BPOz5CFBmNuFgM:b7W5AWjTGx02
Behavioral task
behavioral1
Sample
2024-04-15_d1fbaf2b042a319863342fee1d9e854e_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-15_d1fbaf2b042a319863342fee1d9e854e_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-15_d1fbaf2b042a319863342fee1d9e854e_cryptolocker
-
Size
36KB
-
MD5
d1fbaf2b042a319863342fee1d9e854e
-
SHA1
39182569bb5c4310670884f0e5bdcb9f23815ec7
-
SHA256
099f2c9f341e07bf055d481973759aa2b1f3a86a71ee3817ce046cd11712c894
-
SHA512
ce3ec0b6bf7c4e81008795f1b302bbe8a0671f1f77061f9f3d31bf0e079c08e75f3e9aec06aaeba68c054fe2e5adb8cceb32512c4161df414b519cd53f7aa357
-
SSDEEP
768:b7W5A8WtijKeOcfXor3BPOz5CFBmNuFgM:b7W5AWjTGx02
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-