General
Target: 2024-05-25_3f6608a76f5a90f207bf872fce8a5b96_cryptolocker
Size: 81KB
Sample: 240525-f5yh9afg4x
MD5: 3f6608a76f5a90f207bf872fce8a5b96
SHA1: 6192edf74b77dcf92b67539f3dfe8246dc5d7257
SHA256: 30de18802fc9233ff077a434daffc2c79cf6b2817dbf010dd2e5be80ef28f38d
SHA512: dc3af75250af2cf6def8ecdeb24c96162e48b9c97ad3f31bb8bb2c71286655d1f51d9fcf65d71d736c2274b7a0600a80bb3e891234fd0e6cffa5e662e8b96a9b
SSDEEP: 1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7QM:zCsanOtEvwDpjo
Behavioral task: behavioral1
Sample: 2024-05-25_3f6608a76f5a90f207bf872fce8a5b96_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-25_3f6608a76f5a90f207bf872fce8a5b96_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-25_3f6608a76f5a90f207bf872fce8a5b96_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL