General
-
Target
2024-05-27_5120f104b3f69b5866a376e61bd37233_cryptolocker
-
Size
59KB
-
Sample
240527-wmldzade88
-
MD5
5120f104b3f69b5866a376e61bd37233
-
SHA1
7d3f2c442edd0a455c9d726c96f98821be1a6f68
-
SHA256
f2d913398fe248a5acab694fe282b1e572aa82e038557ee8fff0aa3b433f56aa
-
SHA512
3462d3cd0710080fe1348ec4758b53490cade34392c100e0862710be782a537708b6d7a0943f00d9bfd1075974483d861fcc96953939c561be66a7efc4afaabc
-
SSDEEP
768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPj9:H6QFElP6n+gou9cvMOtEvwDpjCpVXA
Behavioral task
behavioral1
Sample
2024-05-27_5120f104b3f69b5866a376e61bd37233_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-27_5120f104b3f69b5866a376e61bd37233_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-27_5120f104b3f69b5866a376e61bd37233_cryptolocker
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-