General
-
Target
2024-04-24_edd9166edbf6fbc22b15afc7f9b8bf90_cryptolocker
-
Size
38KB
-
Sample
240424-b1qkmadg7t
-
MD5
edd9166edbf6fbc22b15afc7f9b8bf90
-
SHA1
e36cb39d54bb3b6cd83351c4affba09fd2210ee5
-
SHA256
4105ca482dae3c6fba5eb44df4aec3795de037b52ba80f0973dd01c85b3cb88f
-
SHA512
5943cd0696b6027166daabdd4f4743405f5863fc2d4e7b9a145aec54e9d1b9cba25152a07e72532361f46d56f58441c2fcc5a6014bad7cc3a39e16a9c3dea31d
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYR:qDdFJy3QMOtEvwDpjjWMl7T0
Behavioral task
behavioral1
Sample
2024-04-24_edd9166edbf6fbc22b15afc7f9b8bf90_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-24_edd9166edbf6fbc22b15afc7f9b8bf90_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-24_edd9166edbf6fbc22b15afc7f9b8bf90_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-