Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-28_a08dd1097036b66cbcfc7cf01dfa01c1_cryptolocker
-
Size
24KB
-
Sample
240528-a7sg5ahe28
-
MD5
a08dd1097036b66cbcfc7cf01dfa01c1
-
SHA1
58cbe3064c025c973f9056b68e65853f26989a6a
-
SHA256
819455bddb490fbacdb831dbf60819fa706bf8b17ebf5a221485523972d78076
-
SHA512
daafd630a3ce7f66bf7cb813ae5abe0fff65f8474a1326b8e7e35ffcbf822666e2d6e2532453bdbb6382c209f865b7df0ff88fb94bb00e63fa5baaad6433ffd0
-
SSDEEP
384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6HMJ2v:bVCPwFRo6CpwXFXSqQXfjAsJU
Behavioral task
behavioral1
Sample
2024-05-28_a08dd1097036b66cbcfc7cf01dfa01c1_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-28_a08dd1097036b66cbcfc7cf01dfa01c1_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-28_a08dd1097036b66cbcfc7cf01dfa01c1_cryptolocker
-
Size
24KB
-
MD5
a08dd1097036b66cbcfc7cf01dfa01c1
-
SHA1
58cbe3064c025c973f9056b68e65853f26989a6a
-
SHA256
819455bddb490fbacdb831dbf60819fa706bf8b17ebf5a221485523972d78076
-
SHA512
daafd630a3ce7f66bf7cb813ae5abe0fff65f8474a1326b8e7e35ffcbf822666e2d6e2532453bdbb6382c209f865b7df0ff88fb94bb00e63fa5baaad6433ffd0
-
SSDEEP
384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6HMJ2v:bVCPwFRo6CpwXFXSqQXfjAsJU
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-