Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-29_c11c407ac30f2b089fe5fddc8ea8beb7_cryptolocker
-
Size
60KB
-
Sample
240529-hmwcaaeh25
-
MD5
c11c407ac30f2b089fe5fddc8ea8beb7
-
SHA1
3a2ba2b5f494f0c5080c582aefc064ffdcd8f169
-
SHA256
44f02259fc6644458354305ab08eff281d162e460bdc12411f589dd20b567adb
-
SHA512
6fc53b715617a04f888cf87a8ef86cf6e15467207904e421fcc955adcc064f64e1d452b3e65385cd3467dbc6b07b2a4d7cfe80df2b9f7b54afdc7dc9f1284a10
-
SSDEEP
768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6pINx:H6QFElP6n+gou9cvMOtEvwDpjCpVXiNx
Malware Config
Targets
-
-
Target
2024-05-29_c11c407ac30f2b089fe5fddc8ea8beb7_cryptolocker
-
Size
60KB
-
MD5
c11c407ac30f2b089fe5fddc8ea8beb7
-
SHA1
3a2ba2b5f494f0c5080c582aefc064ffdcd8f169
-
SHA256
44f02259fc6644458354305ab08eff281d162e460bdc12411f589dd20b567adb
-
SHA512
6fc53b715617a04f888cf87a8ef86cf6e15467207904e421fcc955adcc064f64e1d452b3e65385cd3467dbc6b07b2a4d7cfe80df2b9f7b54afdc7dc9f1284a10
-
SSDEEP
768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAP6pINx:H6QFElP6n+gou9cvMOtEvwDpjCpVXiNx
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-