Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-11_08926f99370fbaa312f72b3264600591_cryptolocker
-
Size
56KB
-
Sample
240511-f3lrnsad53
-
MD5
08926f99370fbaa312f72b3264600591
-
SHA1
80613d31506a76a68e008ef77ffeffe83c50c382
-
SHA256
090f2fb3df61f906fc3592eb7b26a01fbbf1ce9d99d84fb7102c3c6d1dc846af
-
SHA512
19b0a804c8a54858431baa8a0dbe5735976d818bff44e164cde2a7b5138169e7913f98e8f2a48235db74814eacf8d77eb5842b9a21c8adb267fe4da07704fafd
-
SSDEEP
768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlugJp:bP9g/xtCS3Dxx0ep
Behavioral task
behavioral1
Sample
2024-05-11_08926f99370fbaa312f72b3264600591_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-11_08926f99370fbaa312f72b3264600591_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-11_08926f99370fbaa312f72b3264600591_cryptolocker
-
Size
56KB
-
MD5
08926f99370fbaa312f72b3264600591
-
SHA1
80613d31506a76a68e008ef77ffeffe83c50c382
-
SHA256
090f2fb3df61f906fc3592eb7b26a01fbbf1ce9d99d84fb7102c3c6d1dc846af
-
SHA512
19b0a804c8a54858431baa8a0dbe5735976d818bff44e164cde2a7b5138169e7913f98e8f2a48235db74814eacf8d77eb5842b9a21c8adb267fe4da07704fafd
-
SSDEEP
768:bP9g/WItCSsAfFaeOcfXVr3BPOz5CFBmNuFgUjlugJp:bP9g/xtCS3Dxx0ep
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-