General
-
Target
2024-04-19_60f2a54aaf3e471526e02d01f8a0d802_cryptolocker
-
Size
55KB
-
Sample
240419-kcrx8acg88
-
MD5
60f2a54aaf3e471526e02d01f8a0d802
-
SHA1
f8b0f4e9c956f095efc1c4fd8b73ba2b33a39811
-
SHA256
fb9d22734373dee308c065f0a52ad911f486c34e47756ec38c5f64c44ce3fdb4
-
SHA512
63d0f7cf23767e5af7d170307a0c650d3c872bde775fca3ad00f73471e0f34d8311ec0e71784b38093d22ff4d98f67ab942695977fcfa9207a47f8980b4299c8
-
SSDEEP
768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlN:bP9g/xtCS3Dxx0K
Behavioral task
behavioral1
Sample
2024-04-19_60f2a54aaf3e471526e02d01f8a0d802_cryptolocker.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2024-04-19_60f2a54aaf3e471526e02d01f8a0d802_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-19_60f2a54aaf3e471526e02d01f8a0d802_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-