General
Target: 2024-05-30_b52d1d132be56a2a8bd725a9d519517b_cryptolocker
Size: 50KB
Sample: 240530-fewxqsgb63
MD5: b52d1d132be56a2a8bd725a9d519517b
SHA1: 503a88f5a91878ba808252468c6a6bd251285872
SHA256: 8f3d0130bea1c325b902921b10f7ac2ac45482686bb551c5534df5e616e260a4
SHA512: de4c8406135d658e066511a8ac1128bd2d7f5f51f9be6b06e80ec2252c3d1e706aa6afcc8c22a669dfd982f61171912fd23253200e227375ec532e3d46e9494d
SSDEEP: 768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtX:bODOw9acifAoc+vX
Behavioral task: behavioral1
Sample: 2024-05-30_b52d1d132be56a2a8bd725a9d519517b_cryptolocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-30_b52d1d132be56a2a8bd725a9d519517b_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-05-30_b52d1d132be56a2a8bd725a9d519517b_cryptolocker
Score: 9/10
- Detection of CryptoLocker Variants
- UPX dump on OEP (original entry point)
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL