Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-15_ecce43abb051280b272162f99549bfd6_cryptolocker
-
Size
59KB
-
Sample
240615-jlwgbswerq
-
MD5
ecce43abb051280b272162f99549bfd6
-
SHA1
ed247fc7adb77036a5fce8b7885b84673a41c332
-
SHA256
fb8ec63711aed81d81e846bbd2dd337e70cea667d6e220c1442122a91c905043
-
SHA512
0b8480d6afab109ac823f50c5da9ec42deea171a2a0701349321888128ee04f4c7081820cd002224f6aecddf645a5bbcfd71e41df101d93e437b4dee1278d3b5
-
SSDEEP
768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YMLam5ax+N8:z6QFElP6n+gKmddpMOtEvwDpj9aYaz
Behavioral task
behavioral1
Sample
2024-06-15_ecce43abb051280b272162f99549bfd6_cryptolocker.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2024-06-15_ecce43abb051280b272162f99549bfd6_cryptolocker.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
2024-06-15_ecce43abb051280b272162f99549bfd6_cryptolocker
-
Size
59KB
-
MD5
ecce43abb051280b272162f99549bfd6
-
SHA1
ed247fc7adb77036a5fce8b7885b84673a41c332
-
SHA256
fb8ec63711aed81d81e846bbd2dd337e70cea667d6e220c1442122a91c905043
-
SHA512
0b8480d6afab109ac823f50c5da9ec42deea171a2a0701349321888128ee04f4c7081820cd002224f6aecddf645a5bbcfd71e41df101d93e437b4dee1278d3b5
-
SSDEEP
768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YMLam5ax+N8:z6QFElP6n+gKmddpMOtEvwDpj9aYaz
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-