General
-
Target
2024-04-16_cc7d6aca6a99556baddb8d432368b86d_cryptolocker
-
Size
89KB
-
Sample
240416-kpmh9sdg35
-
MD5
cc7d6aca6a99556baddb8d432368b86d
-
SHA1
c0944e8cf4d2eb6fbd7dcf9ee0e91cf64d5f6ace
-
SHA256
b26521fa55e9ddd02522294affcda1815c6c736387c718c1ff7a42559662ce7b
-
SHA512
04e7219e584b53cd3408afa67c754be9b4faac32182cccc81d1a6ccf53abae11ecbc168aed576b707fdd5e0f0507009fb8b852ffe3d7c7dd820b102c707b31fb
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddH:AnBdOOtEvwDpj6zz
Behavioral task
behavioral1
Sample
2024-04-16_cc7d6aca6a99556baddb8d432368b86d_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-16_cc7d6aca6a99556baddb8d432368b86d_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-16_cc7d6aca6a99556baddb8d432368b86d_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-