Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-13_1e9a84c7edc546ca3617c1b1e61a29a4_cryptolocker
-
Size
78KB
-
Sample
240513-plv4fsfb54
-
MD5
1e9a84c7edc546ca3617c1b1e61a29a4
-
SHA1
7da09c1c417d1ce26b495da5e95431e2800b525e
-
SHA256
3c8bb7241bec12f1e28786bb466483c2827e6686e7cd31bd2ff5bfbeb90b8d07
-
SHA512
d90056b4a754bf8c4d5baeb553fadccf39fa87215477611b4871e0b49f2331ca69f7b74f348ff30c83d26075d0268016217859004f94757099e8eb399d320652
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxB1H:T6a+rdOOtEvwDpjNtHPc
Behavioral task
behavioral1
Sample
2024-05-13_1e9a84c7edc546ca3617c1b1e61a29a4_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-05-13_1e9a84c7edc546ca3617c1b1e61a29a4_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-13_1e9a84c7edc546ca3617c1b1e61a29a4_cryptolocker
-
Size
78KB
-
MD5
1e9a84c7edc546ca3617c1b1e61a29a4
-
SHA1
7da09c1c417d1ce26b495da5e95431e2800b525e
-
SHA256
3c8bb7241bec12f1e28786bb466483c2827e6686e7cd31bd2ff5bfbeb90b8d07
-
SHA512
d90056b4a754bf8c4d5baeb553fadccf39fa87215477611b4871e0b49f2331ca69f7b74f348ff30c83d26075d0268016217859004f94757099e8eb399d320652
-
SSDEEP
1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxB1H:T6a+rdOOtEvwDpjNtHPc
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-