General
Target: 2024-06-06_fabe213df5826f15da33a4d0963c5891_cryptolocker
Size: 75KB
Sample: 240606-glwe8aaa7w
MD5: fabe213df5826f15da33a4d0963c5891
SHA1: f517c62bb74434f3e9b1353c65356faa8e842a19
SHA256: 68c2b0d44a3787874ad276f9b5f7ddc7df8068312216d91cbe515130cc6c245b
SHA512: b07cf1e408135528efcc5dd714a4b5f924e4ec11e9cfbacf0c77f9c5348c2c4a67ba3732aaf0317677f85d5b7df46c0d78df7ea40878b521d7e1003c0257b658
SSDEEP: 1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalVrH:1nK6a+qdOOtEvwDpjQ
Behavioral task: behavioral1
Sample: 2024-06-06_fabe213df5826f15da33a4d0963c5891_cryptolocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-06-06_fabe213df5826f15da33a4d0963c5891_cryptolocker.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-06-06_fabe213df5826f15da33a4d0963c5891_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Detection of Cryptolocker Samples
UPX dump on OEP (original entry point)
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL