General
Target: 2024-05-30_a53c22b4454dacefe71e4635f1753169_cryptolocker
Size: 51KB
Sample: 240530-pp5gashh79
MD5: a53c22b4454dacefe71e4635f1753169
SHA1: de4057f6afc388cf5ecbff3a2a3c601b6437e4f0
SHA256: c5fead6e01d1bcf573496897b4df39acefcbb29c0210b89bad7217850bacc0dc
SHA512: c8d078e4f61602ef3fcb7e4fde9c67a61c880e9e0bd9c75c0fb50f44d30a3bcc9932efe84adb6d7d776f1c78a70e4d0ee2cc7dba99b27d5230d45e37e8c6302b
SSDEEP: 768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Moc54:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ+4
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-30_a53c22b4454dacefe71e4635f1753169_cryptolocker.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 2024-05-30_a53c22b4454dacefe71e4635f1753169_cryptolocker.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-05-30_a53c22b4454dacefe71e4635f1753169_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL