Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-04-30_663fc31ea8e1fc5623b3c03817d2b232_cryptolocker
-
Size
65KB
-
Sample
240430-xvjqsaea5v
-
MD5
663fc31ea8e1fc5623b3c03817d2b232
-
SHA1
ff8cae4428a4daa1fcf6a07cd5c6d670eab4b2b7
-
SHA256
fc9e09a5107cd542f3b39ca4115403adcd6a7e57c8194d33ef83d9deb803d2c0
-
SHA512
5de0947ceef57ef2893150fdc7c27fcb82e0e6cf12b26873bd4659d7825502792a2917eeefd7b765c8abce849d5f413ce5bdff2b4bb1c85b1ea23ff196b0f256
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyv:1nK6a+qdOOtEvwDpj8
Behavioral task
behavioral1
Sample
2024-04-30_663fc31ea8e1fc5623b3c03817d2b232_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-30_663fc31ea8e1fc5623b3c03817d2b232_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-30_663fc31ea8e1fc5623b3c03817d2b232_cryptolocker
-
Size
65KB
-
MD5
663fc31ea8e1fc5623b3c03817d2b232
-
SHA1
ff8cae4428a4daa1fcf6a07cd5c6d670eab4b2b7
-
SHA256
fc9e09a5107cd542f3b39ca4115403adcd6a7e57c8194d33ef83d9deb803d2c0
-
SHA512
5de0947ceef57ef2893150fdc7c27fcb82e0e6cf12b26873bd4659d7825502792a2917eeefd7b765c8abce849d5f413ce5bdff2b4bb1c85b1ea23ff196b0f256
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyv:1nK6a+qdOOtEvwDpj8
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-