Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-23_f3d69b011049c6cb3cc4c58f792fa527_cryptolocker
-
Size
79KB
-
Sample
240423-lhsmdafb7y
-
MD5
f3d69b011049c6cb3cc4c58f792fa527
-
SHA1
74dfd2a0f255bf6077ec93171ce6788548c76361
-
SHA256
71dc20ec1b034048569c623b78da89c1b852ca8531d1cb40a7822f7852d2cbb5
-
SHA512
478be145f29932ab72e5063e7764a6d9aafb6e6332a4a2e3a87d5fa5697dce64ce23788087dedfcf729809a48fd6844efd5941abb0fa5891f70fb0962202a5f9
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qpz:zCsanOtEvwDpjp
Behavioral task
behavioral1
Sample
2024-04-23_f3d69b011049c6cb3cc4c58f792fa527_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-23_f3d69b011049c6cb3cc4c58f792fa527_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-23_f3d69b011049c6cb3cc4c58f792fa527_cryptolocker
-
Size
79KB
-
MD5
f3d69b011049c6cb3cc4c58f792fa527
-
SHA1
74dfd2a0f255bf6077ec93171ce6788548c76361
-
SHA256
71dc20ec1b034048569c623b78da89c1b852ca8531d1cb40a7822f7852d2cbb5
-
SHA512
478be145f29932ab72e5063e7764a6d9aafb6e6332a4a2e3a87d5fa5697dce64ce23788087dedfcf729809a48fd6844efd5941abb0fa5891f70fb0962202a5f9
-
SSDEEP
1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qpz:zCsanOtEvwDpjp
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-