General
Target: 2024-04-18_cb4cd07ca7b3fa8da3e4b62d32d84115_cryptolocker
Size: 54KB
Sample: 240418-gf3bkseb4s
MD5: cb4cd07ca7b3fa8da3e4b62d32d84115
SHA1: 37bef5bdc59858efae5da1a3ac6ba09c6515ebe4
SHA256: 6c7d288794c102582a324388235a1c908528bbdfc9b0bbad6cbf23b7f36ec6f0
SHA512: bea6a0721fbef4f005640efdad37fd3c23cb0d5a0f18c8f7ee23abf4ff89fe2f4c4cb9bdee09af500a891a868a005cb6ec4c45851c2cee1638de9136d36a0c8a
SSDEEP: 768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlo:bP9g/xtCS3Dxx0r
Behavioral task: behavioral1
Sample: 2024-04-18_cb4cd07ca7b3fa8da3e4b62d32d84115_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-18_cb4cd07ca7b3fa8da3e4b62d32d84115_cryptolocker.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-18_cb4cd07ca7b3fa8da3e4b62d32d84115_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
UPX dump on OEP (original entry point)
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL