Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-01_8cc06975b1620c3966116af1e1e36471_cryptolocker
-
Size
56KB
-
Sample
240501-kk3dxsde42
-
MD5
8cc06975b1620c3966116af1e1e36471
-
SHA1
ce33e306f6ef1d49e438d64f7580d25083c1b2aa
-
SHA256
f2fbf246009bb7f82f0301bc81608abd1dd9a34b9f5a62338b413e7fd938585d
-
SHA512
a497b4831e09a5d2c1de8cf50f380f35d879602a84d46a3264f411815133d37c4af9a8535d1e8e59d00c95fc29f2e3d4210471feace07b1f1c67dae93732819f
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyJ:BbdDmjr+OtEvwDpjM+
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-01_8cc06975b1620c3966116af1e1e36471_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-01_8cc06975b1620c3966116af1e1e36471_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-05-01_8cc06975b1620c3966116af1e1e36471_cryptolocker
-
Size
56KB
-
MD5
8cc06975b1620c3966116af1e1e36471
-
SHA1
ce33e306f6ef1d49e438d64f7580d25083c1b2aa
-
SHA256
f2fbf246009bb7f82f0301bc81608abd1dd9a34b9f5a62338b413e7fd938585d
-
SHA512
a497b4831e09a5d2c1de8cf50f380f35d879602a84d46a3264f411815133d37c4af9a8535d1e8e59d00c95fc29f2e3d4210471feace07b1f1c67dae93732819f
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyJ:BbdDmjr+OtEvwDpjM+
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-