Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-06_73c3cd3be3199cd43c10eb3da22d04b0_cryptolocker
-
Size
39KB
-
Sample
240506-3eg5xagb7v
-
MD5
73c3cd3be3199cd43c10eb3da22d04b0
-
SHA1
a3dffe2ba2c6cf913e2561856d782072ec1c68c6
-
SHA256
aa371202c138abe77c8c3544031ef81d11c990f2c6b129071e87cd1d35834a96
-
SHA512
f3c8d2b806a33c4db21347f2db11ed19f43cd8ccf0e4a09edaa2508940c6df6ee4af599200a6881fbf93fcc0de9b0ca825e56d87c27041876538e35b5b29db09
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9d:qDdFJy3QMOtEvwDpjjWMl7TO
Behavioral task
behavioral1
Sample
2024-05-06_73c3cd3be3199cd43c10eb3da22d04b0_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-05-06_73c3cd3be3199cd43c10eb3da22d04b0_cryptolocker.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-05-06_73c3cd3be3199cd43c10eb3da22d04b0_cryptolocker
-
Size
39KB
-
MD5
73c3cd3be3199cd43c10eb3da22d04b0
-
SHA1
a3dffe2ba2c6cf913e2561856d782072ec1c68c6
-
SHA256
aa371202c138abe77c8c3544031ef81d11c990f2c6b129071e87cd1d35834a96
-
SHA512
f3c8d2b806a33c4db21347f2db11ed19f43cd8ccf0e4a09edaa2508940c6df6ee4af599200a6881fbf93fcc0de9b0ca825e56d87c27041876538e35b5b29db09
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9d:qDdFJy3QMOtEvwDpjjWMl7TO
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-