Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-28_f3293df4d1a7668bc663213adfc6d26a_cryptolocker
-
Size
65KB
-
Sample
240428-gjd36ahd84
-
MD5
f3293df4d1a7668bc663213adfc6d26a
-
SHA1
9644e6059e12ee5faab28a1df16cd7cda24ec8ad
-
SHA256
60ac3ba5b4cb94ecfc94e682bc30dfaf8b58671b0e43ff147bdd7f56afa04608
-
SHA512
d1d6a529973378bed4f47942595000faeeb98b25a2fba4d86e8f8ed581304723d56d649e0c1b04bfa3a6143742276280b37acd5756140170b80542c2b466dfdd
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyU:1nK6a+qdOOtEvwDpj3
Behavioral task
behavioral1
Sample
2024-04-28_f3293df4d1a7668bc663213adfc6d26a_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-28_f3293df4d1a7668bc663213adfc6d26a_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-28_f3293df4d1a7668bc663213adfc6d26a_cryptolocker
-
Size
65KB
-
MD5
f3293df4d1a7668bc663213adfc6d26a
-
SHA1
9644e6059e12ee5faab28a1df16cd7cda24ec8ad
-
SHA256
60ac3ba5b4cb94ecfc94e682bc30dfaf8b58671b0e43ff147bdd7f56afa04608
-
SHA512
d1d6a529973378bed4f47942595000faeeb98b25a2fba4d86e8f8ed581304723d56d649e0c1b04bfa3a6143742276280b37acd5756140170b80542c2b466dfdd
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyU:1nK6a+qdOOtEvwDpj3
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-