Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-08_638947c6a48ee05b1c2a45265ccce8fb_cryptolocker
-
Size
52KB
-
Sample
240608-dzpm2sgc8w
-
MD5
638947c6a48ee05b1c2a45265ccce8fb
-
SHA1
44fba1964585c8c502843fd0dec0482da743e408
-
SHA256
4eb2fec9afa90fd0e2dcf044f0d0d7b9df8eac6d8b6a48c8e31bf86ff784db4c
-
SHA512
e34e4b2d25d531558191bf4407ff0c364b3b1a230d63a469514b369ee26b5271e6a24f98952382c159b1dff2b17f16826171a7689b445eb647c9c41c4a393ba9
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOJ:bODOw9acifAoc+vu
Behavioral task
behavioral1
Sample
2024-06-08_638947c6a48ee05b1c2a45265ccce8fb_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-06-08_638947c6a48ee05b1c2a45265ccce8fb_cryptolocker.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-06-08_638947c6a48ee05b1c2a45265ccce8fb_cryptolocker
-
Size
52KB
-
MD5
638947c6a48ee05b1c2a45265ccce8fb
-
SHA1
44fba1964585c8c502843fd0dec0482da743e408
-
SHA256
4eb2fec9afa90fd0e2dcf044f0d0d7b9df8eac6d8b6a48c8e31bf86ff784db4c
-
SHA512
e34e4b2d25d531558191bf4407ff0c364b3b1a230d63a469514b369ee26b5271e6a24f98952382c159b1dff2b17f16826171a7689b445eb647c9c41c4a393ba9
-
SSDEEP
768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOJ:bODOw9acifAoc+vu
Score9/10-
Detection of CryptoLocker Variants
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-