General
Target: 2024-05-16_532295e6aa8fc61b7b169437db841375_cryptolocker
Size: 38KB
Sample: 240516-1bgc4ahc33
MD5: 532295e6aa8fc61b7b169437db841375
SHA1: dd92797d2a5e88e9ac5ac701b7744297c1819c1f
SHA256: 4b943fcd1fad607a7d769f215743ddbd2b68242e5213f31d4fa87dc9f6b21a60
SHA512: 283ab773b6f47079d121aa79b02c83bfaf4fabbc86d3cb3249afb544bce467fc7942e64db243b2719e157fe8cf5db91398912840a22175e0ba43748836b8a3cc
SSDEEP: 768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axK3Ai:qUmnpomddpMOtEvwDpjjaYaQZ
Behavioral task: behavioral1
Sample: 2024-05-16_532295e6aa8fc61b7b169437db841375_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-16_532295e6aa8fc61b7b169437db841375_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-16_532295e6aa8fc61b7b169437db841375_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL