General
-
Target
2024-04-25_f6525db6b2e96d6a82bcec671dfa4cac_cryptolocker
-
Size
95KB
-
Sample
240425-myabeaaa6y
-
MD5
f6525db6b2e96d6a82bcec671dfa4cac
-
SHA1
751f5b13141889744fe39efe22917cf6f88838de
-
SHA256
3c5a47566d482f673b40b2694d9e398d0ac8de5b47672817c095d7da723ced91
-
SHA512
afc3d17660b04e6e86ea991d3e27850ae92eb787973c9bb5a2c6956b10a0baf6c791abd614ba05a8033a0735ba470250145c3054022b97ecd28f619639bfcad5
-
SSDEEP
1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYIb:AnBdOOtEvwDpj6zA
Behavioral task
behavioral1
Sample
2024-04-25_f6525db6b2e96d6a82bcec671dfa4cac_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-25_f6525db6b2e96d6a82bcec671dfa4cac_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
2024-04-25_f6525db6b2e96d6a82bcec671dfa4cac_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-