General
Target: 2024-05-04_759ad7e953c6ee287297b1a1ec0dd9f6_cryptolocker
Size: 38KB
Sample: 240504-d4dfkscb4y
MD5: 759ad7e953c6ee287297b1a1ec0dd9f6
SHA1: 1d5cdbe9393d68e1921554a705dce20a0f791b74
SHA256: ba43f06baed4281bb97e7d9bc1a7a0ec8c4efc3e0f189b297fd52d9ada8f3807
SHA512: c4d55e0144f1e62695287bccc75a4576ae068bb4b78b2e737a1ae10ec857063a2f487d16d145a9ac6dfd645ada268ad62d97b2bfa6d61dbe447432f5d89149a9
SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYan3:qDdFJy3QMOtEvwDpjjWMl7Tdn3
Behavioral task: behavioral1
Sample: 2024-05-04_759ad7e953c6ee287297b1a1ec0dd9f6_cryptolocker.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-05-04_759ad7e953c6ee287297b1a1ec0dd9f6_cryptolocker.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-05-04_759ad7e953c6ee287297b1a1ec0dd9f6_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL