Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-21_534003edc0cf10464fcaa6b66b8b8036_cryptolocker
-
Size
68KB
-
Sample
240521-s5t72saf95
-
MD5
534003edc0cf10464fcaa6b66b8b8036
-
SHA1
cd29699d53c6b16ada8fac25198472e411d8b214
-
SHA256
4624aae5c3cd4d994d8dc3f800df640d667fbc3e88742874e0f21f4c3620bac9
-
SHA512
6e322f107e5607b9f6d44ce262c8c7eea552741be4d14a0a824c9b63da63c752e5bfd95c01202635becc2e06e74d941fb605ac55a279731768e5ca0e537618f5
-
SSDEEP
1536:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAek:78SEOtEvwDpjWYvQd2Px
Behavioral task
behavioral1
Sample
2024-05-21_534003edc0cf10464fcaa6b66b8b8036_cryptolocker.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-21_534003edc0cf10464fcaa6b66b8b8036_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-21_534003edc0cf10464fcaa6b66b8b8036_cryptolocker
-
Size
68KB
-
MD5
534003edc0cf10464fcaa6b66b8b8036
-
SHA1
cd29699d53c6b16ada8fac25198472e411d8b214
-
SHA256
4624aae5c3cd4d994d8dc3f800df640d667fbc3e88742874e0f21f4c3620bac9
-
SHA512
6e322f107e5607b9f6d44ce262c8c7eea552741be4d14a0a824c9b63da63c752e5bfd95c01202635becc2e06e74d941fb605ac55a279731768e5ca0e537618f5
-
SSDEEP
1536:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAek:78SEOtEvwDpjWYvQd2Px
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-