Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-19_a847a5c5a23fd7f1f6ea71d746e9a4e5_cryptolocker
-
Size
62KB
-
Sample
240419-vdlgyahg58
-
MD5
a847a5c5a23fd7f1f6ea71d746e9a4e5
-
SHA1
4d5aaa15499e000a25ca925283325a1e3402aceb
-
SHA256
5a2a031a31d9229603d8ec1b5591933c3eff79b126ab27f3411d8e3532fcb2d1
-
SHA512
d6e825165b95ab13fc78db649da65c6f44199677202e4966954df5efde1a4a11a177e5d0c5bb26445e53dbc9c4f37da9a10a2f5258404cdfa872fc103f2ab06b
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiu:BbdDmjr+OtEvwDpjM8z
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-19_a847a5c5a23fd7f1f6ea71d746e9a4e5_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-04-19_a847a5c5a23fd7f1f6ea71d746e9a4e5_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-19_a847a5c5a23fd7f1f6ea71d746e9a4e5_cryptolocker
-
Size
62KB
-
MD5
a847a5c5a23fd7f1f6ea71d746e9a4e5
-
SHA1
4d5aaa15499e000a25ca925283325a1e3402aceb
-
SHA256
5a2a031a31d9229603d8ec1b5591933c3eff79b126ab27f3411d8e3532fcb2d1
-
SHA512
d6e825165b95ab13fc78db649da65c6f44199677202e4966954df5efde1a4a11a177e5d0c5bb26445e53dbc9c4f37da9a10a2f5258404cdfa872fc103f2ab06b
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiu:BbdDmjr+OtEvwDpjM8z
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-