Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-17_1bc6d76d61a94c4b789c554350ad43be_cryptolocker
-
Size
67KB
-
Sample
240417-x59d7abg72
-
MD5
1bc6d76d61a94c4b789c554350ad43be
-
SHA1
5a12d09e9d9855969d675b9432aa6fe7a81788fb
-
SHA256
f0076e303ac1915bf38a587147412f26d43f3711ae8d1db5c91ae30d2e0eba7b
-
SHA512
656620acac6b11097afe6bfd1239521878dfb5da4213747f0dd885c92d90173690725089887970ebc45d2a72862b398a766d3141d849069c7460e396c9402d35
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pt:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAt
Behavioral task
behavioral1
Sample
2024-04-17_1bc6d76d61a94c4b789c554350ad43be_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-17_1bc6d76d61a94c4b789c554350ad43be_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-17_1bc6d76d61a94c4b789c554350ad43be_cryptolocker
-
Size
67KB
-
MD5
1bc6d76d61a94c4b789c554350ad43be
-
SHA1
5a12d09e9d9855969d675b9432aa6fe7a81788fb
-
SHA256
f0076e303ac1915bf38a587147412f26d43f3711ae8d1db5c91ae30d2e0eba7b
-
SHA512
656620acac6b11097afe6bfd1239521878dfb5da4213747f0dd885c92d90173690725089887970ebc45d2a72862b398a766d3141d849069c7460e396c9402d35
-
SSDEEP
768:quVbxjgQNQXtckstOOtEvwDpjAaDOK6PsED3VK2+ZtyOjgO4r9vFAg2rq6W1A1Pt:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAt
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-