Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-12_154dfc2a8b080efa2325450db484684f_cryptolocker
-
Size
90KB
-
Sample
240512-d32rsaed9v
-
MD5
154dfc2a8b080efa2325450db484684f
-
SHA1
474d7f2fb9fbf9b86681c7b7697f9e2d88e7290e
-
SHA256
9922a3809ad2c481544186dd15b1cca8522884bafca885fc25e73a7d2cd0c5c2
-
SHA512
04872ce5ad3f09731770fb9009b718faf40115103b4657708bc9a59e684a1a94ef25408a092873e8d899b13c35f97eef224e9b7a2836a2cdaac32405602d1d21
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/U:n6a+1SEOtEvwDpjYYvQd2PT
Behavioral task
behavioral1
Sample
2024-05-12_154dfc2a8b080efa2325450db484684f_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-12_154dfc2a8b080efa2325450db484684f_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-12_154dfc2a8b080efa2325450db484684f_cryptolocker
-
Size
90KB
-
MD5
154dfc2a8b080efa2325450db484684f
-
SHA1
474d7f2fb9fbf9b86681c7b7697f9e2d88e7290e
-
SHA256
9922a3809ad2c481544186dd15b1cca8522884bafca885fc25e73a7d2cd0c5c2
-
SHA512
04872ce5ad3f09731770fb9009b718faf40115103b4657708bc9a59e684a1a94ef25408a092873e8d899b13c35f97eef224e9b7a2836a2cdaac32405602d1d21
-
SSDEEP
1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/U:n6a+1SEOtEvwDpjYYvQd2PT
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-