Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-18_5552d9c93ff3f4017866733bebaca569_cryptolocker
-
Size
38KB
-
Sample
240418-3dxtzahh77
-
MD5
5552d9c93ff3f4017866733bebaca569
-
SHA1
007c5cdf7c10f7992bafc008c77848ff1d954919
-
SHA256
b2aeab69ae04328a88486b5b0478678a92a15bc3c230cf8a8e2e7ec179e8f560
-
SHA512
350e73866e5622cc083de44e06d4b836b13109893f709b56c72a45705c9adeea593cba83d6eba2e5b3d90f06a8e7ae6fe70c8ba2ee6ca1f3e1cf89782e26b508
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYak:qDdFJy3QMOtEvwDpjjWMl7Tdk
Behavioral task
behavioral1
Sample
2024-04-18_5552d9c93ff3f4017866733bebaca569_cryptolocker.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2024-04-18_5552d9c93ff3f4017866733bebaca569_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-18_5552d9c93ff3f4017866733bebaca569_cryptolocker
-
Size
38KB
-
MD5
5552d9c93ff3f4017866733bebaca569
-
SHA1
007c5cdf7c10f7992bafc008c77848ff1d954919
-
SHA256
b2aeab69ae04328a88486b5b0478678a92a15bc3c230cf8a8e2e7ec179e8f560
-
SHA512
350e73866e5622cc083de44e06d4b836b13109893f709b56c72a45705c9adeea593cba83d6eba2e5b3d90f06a8e7ae6fe70c8ba2ee6ca1f3e1cf89782e26b508
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYak:qDdFJy3QMOtEvwDpjjWMl7Tdk
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-