Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-09_81f294bec83d13ba4ddd822fb13e4e2e_cryptolocker
-
Size
72KB
-
Sample
240509-r5myasfb3z
-
MD5
81f294bec83d13ba4ddd822fb13e4e2e
-
SHA1
85de66107ab8a7e028e952aaa3d2e105fabf002f
-
SHA256
47dd57afebbda0b8d76470d772db62d13619ccc0d197487a87e875bcaeb9da83
-
SHA512
16e822443c10b74adfca4450626d9cc8625bc5741d5c15f0ecb4d71c8af9e2dac558f94101792b2324f732910e418afadf11630b4aab159c3c3c606f4ac2e0d5
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs97:C4Q2c94OtEvwDpj4H8z+
Behavioral task
behavioral1
Sample
2024-05-09_81f294bec83d13ba4ddd822fb13e4e2e_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-09_81f294bec83d13ba4ddd822fb13e4e2e_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-09_81f294bec83d13ba4ddd822fb13e4e2e_cryptolocker
-
Size
72KB
-
MD5
81f294bec83d13ba4ddd822fb13e4e2e
-
SHA1
85de66107ab8a7e028e952aaa3d2e105fabf002f
-
SHA256
47dd57afebbda0b8d76470d772db62d13619ccc0d197487a87e875bcaeb9da83
-
SHA512
16e822443c10b74adfca4450626d9cc8625bc5741d5c15f0ecb4d71c8af9e2dac558f94101792b2324f732910e418afadf11630b4aab159c3c3c606f4ac2e0d5
-
SSDEEP
1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs97:C4Q2c94OtEvwDpj4H8z+
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-