General
-
Target
2024-05-01_1170e3c347fec70e64a702cd0674706a_cryptolocker
-
Size
38KB
-
Sample
240501-yvhzxshf57
-
MD5
1170e3c347fec70e64a702cd0674706a
-
SHA1
181d1001a5a11cfb3f2d427705cd1c01e94a25f2
-
SHA256
4e928a64a1109436f99277447561be4ebf689edcbf5e52ed60a397f871ca1a10
-
SHA512
9b188298aa0d3d5337dc55892be8a6f6780ed3f266c7d829cd6ce62b302146ed11d792e602df5c9ce36dda76cbc9c83562bbaa419f1525e51c9349928e8519b9
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYO:qDdFJy3QMOtEvwDpjjWMl7TP
Behavioral task
behavioral1
Sample
2024-05-01_1170e3c347fec70e64a702cd0674706a_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-05-01_1170e3c347fec70e64a702cd0674706a_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
Target
2024-05-01_1170e3c347fec70e64a702cd0674706a_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-