Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-03_6bb61f5df88a4eb7de5f14b3534005d5_cryptolocker
-
Size
40KB
-
Sample
240603-vgt89ach9v
-
MD5
6bb61f5df88a4eb7de5f14b3534005d5
-
SHA1
e17802ad28d431c23ced7fe92c87d2211def0cad
-
SHA256
495f429da4caed9947063143f1fd873875b2895ed1c235aaebd13706971ac059
-
SHA512
07569bb3bac60396fde1202e6b7275cf804e5e7be360f545b9eced9ff10ecb7b94a1d8621263aadf2291729110132bc9e034d647aa0315e9eb5a83f6645bb5c5
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYz:qDdFJy3QMOtEvwDpjjWMl7TK
Behavioral task
behavioral1
Sample
2024-06-03_6bb61f5df88a4eb7de5f14b3534005d5_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-06-03_6bb61f5df88a4eb7de5f14b3534005d5_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-03_6bb61f5df88a4eb7de5f14b3534005d5_cryptolocker
-
Size
40KB
-
MD5
6bb61f5df88a4eb7de5f14b3534005d5
-
SHA1
e17802ad28d431c23ced7fe92c87d2211def0cad
-
SHA256
495f429da4caed9947063143f1fd873875b2895ed1c235aaebd13706971ac059
-
SHA512
07569bb3bac60396fde1202e6b7275cf804e5e7be360f545b9eced9ff10ecb7b94a1d8621263aadf2291729110132bc9e034d647aa0315e9eb5a83f6645bb5c5
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYz:qDdFJy3QMOtEvwDpjjWMl7TK
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-