General
Target: 2024-06-05_f8aec2faf3f15e6284aa45ce6548992b_cryptolocker
Size: 40KB
Sample: 240605-g492bshb52
MD5: f8aec2faf3f15e6284aa45ce6548992b
SHA1: cc7db7b3e8a47c3df2392cf3f9963ac68e6f31c8
SHA256: b3f19e8412d8073bf650cc6a9be86fd2538080960e76861122dbe89d8de206c2
SHA512: de24b13baf1b74ea9a31d5271776a23b3c4c2e3744ef908fd54f5da5ae05b897fe6b3ef257ee30f0eb991bbcedc1c1ce7887502d912c16069e82aedf028a6cb9
SSDEEP: 768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9Xm:qDdFJy3QMOtEvwDpjjWMl7TV
Behavioral task: behavioral1
Sample: 2024-06-05_f8aec2faf3f15e6284aa45ce6548992b_cryptolocker.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-06-05_f8aec2faf3f15e6284aa45ce6548992b_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-05_f8aec2faf3f15e6284aa45ce6548992b_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-