General
Target: 2024-05-02_da0a14f18ecc3890a67c8ba65f8b0c67_cryptolocker
Size: 23KB
Sample: 240502-gsbz6ada55
MD5: da0a14f18ecc3890a67c8ba65f8b0c67
SHA1: 2627efc53f73f59658bde998459444fa6d80a06a
SHA256: d86743332bb087565a4f743e4eea4c2ec48bf5169c9bfd0e553785f0d2ec9777
SHA512: 644f57f322c1198532123ebdc552f459a3416fb7fb1f40f7c62133e305b9e79b86296b94d42bcf4ac68b8a5d82110b53c398e8864f51b74e42da15cf4e78e2ae
SSDEEP: 384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6Hje:bVCPwFRo6CpwXFXSqQXfjAK
Behavioral task: behavioral1
Sample: 2024-05-02_da0a14f18ecc3890a67c8ba65f8b0c67_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-02_da0a14f18ecc3890a67c8ba65f8b0c67_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-05-02_da0a14f18ecc3890a67c8ba65f8b0c67_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
UPX dump on OEP (original entry point)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL