Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-01_2517490a50f52adf5fd3506e33a88914_cryptolocker
-
Size
55KB
-
Sample
240501-pncd5agh63
-
MD5
2517490a50f52adf5fd3506e33a88914
-
SHA1
712db91bd47ba39d35aeccbd9bb9dfd1b75cdee5
-
SHA256
a81ab28d9bb0c0c99d5a93ea70711ebd7a25da6300e527b57fc8e0d80acc437a
-
SHA512
d251954f44b993e2a96a4070cea987a8fd62278e01c7d1031f2af041b2eefef8747028b32ff35163acdb3c3ad8d9c22476ffacf95ab4836362fbb8195a916d08
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyM:BbdDmjr+OtEvwDpjM/
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-01_2517490a50f52adf5fd3506e33a88914_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-01_2517490a50f52adf5fd3506e33a88914_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-05-01_2517490a50f52adf5fd3506e33a88914_cryptolocker
-
Size
55KB
-
MD5
2517490a50f52adf5fd3506e33a88914
-
SHA1
712db91bd47ba39d35aeccbd9bb9dfd1b75cdee5
-
SHA256
a81ab28d9bb0c0c99d5a93ea70711ebd7a25da6300e527b57fc8e0d80acc437a
-
SHA512
d251954f44b993e2a96a4070cea987a8fd62278e01c7d1031f2af041b2eefef8747028b32ff35163acdb3c3ad8d9c22476ffacf95ab4836362fbb8195a916d08
-
SSDEEP
1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyM:BbdDmjr+OtEvwDpjM/
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-