General
-
Target
2024-05-29_cd1c2831182415e8dd450fbe8c977703_cryptolocker
-
Size
60KB
-
Sample
240529-prswaaed51
-
MD5
cd1c2831182415e8dd450fbe8c977703
-
SHA1
5ec58827f177f8032047d688dc2df353dee5b49e
-
SHA256
2003e6744779879352cefbef1dbc71cd10d877ca8aa31f12efafb33028db336f
-
SHA512
b7aa14535e07e23ceebb2b3cc8170b69da5a50c1d5cd54a64730446a7d57a684c11537afaea54e609d0ab4011a39b6992dfa9bb5278ff2ea1085b5916c3f17de
-
SSDEEP
1536:H6QFElP6n+gou9cvMOtEvwDpjCpVXhhCw:H6a+uSEOtEvwDpjM
Behavioral task
behavioral1
Sample
2024-05-29_cd1c2831182415e8dd450fbe8c977703_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-29_cd1c2831182415e8dd450fbe8c977703_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
2024-05-29_cd1c2831182415e8dd450fbe8c977703_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-