Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-20_62b89cde4629503c02210a385b551df6_cryptolocker
-
Size
96KB
-
Sample
240420-kefyqsce96
-
MD5
62b89cde4629503c02210a385b551df6
-
SHA1
f64ca65eea7680f940f6cc8a52d22d76964b5028
-
SHA256
2f15c09dc613d992685f3de0c82a0170f2895e1ea04c465b253a14e5f9705c6c
-
SHA512
fde0e9cdfc9b678ff70e15714aa7cb5d670fb67945a9d23b7d0f2439527bb22c19ce3dd62f473b5e26df3d23cf0f34b6445490e4d0f1625b205a3f572160856b
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYy9pL:AnBdOOtEvwDpj6zQ
Behavioral task
behavioral1
Sample
2024-04-20_62b89cde4629503c02210a385b551df6_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-20_62b89cde4629503c02210a385b551df6_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-20_62b89cde4629503c02210a385b551df6_cryptolocker
-
Size
96KB
-
MD5
62b89cde4629503c02210a385b551df6
-
SHA1
f64ca65eea7680f940f6cc8a52d22d76964b5028
-
SHA256
2f15c09dc613d992685f3de0c82a0170f2895e1ea04c465b253a14e5f9705c6c
-
SHA512
fde0e9cdfc9b678ff70e15714aa7cb5d670fb67945a9d23b7d0f2439527bb22c19ce3dd62f473b5e26df3d23cf0f34b6445490e4d0f1625b205a3f572160856b
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYy9pL:AnBdOOtEvwDpj6zQ
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-