General
-
Target
2024-04-22_df366692aa399ed352c4a884b7644e51_cryptolocker
-
Size
96KB
-
Sample
240422-f45wyagc94
-
MD5
df366692aa399ed352c4a884b7644e51
-
SHA1
61249d74c0a77da8172335c6eb6c98aa8466e281
-
SHA256
61c7b3e79d53bae55e2aa1cc159842fe1057558b4a3edcb24144fb75972946cd
-
SHA512
fa1646ac51e2d5426e55f7e549837f7cb1b2de201911fc7f1d458fc5f81a1af5ebe59ca71009bb7ce9cecbef15bef0cfd4544d971f29ac4cefc9ba3ef70f9428
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/by:zCsanOtEvwDpjB+
Behavioral task
behavioral1
Sample
2024-04-22_df366692aa399ed352c4a884b7644e51_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-22_df366692aa399ed352c4a884b7644e51_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-