General
-
Target
2024-06-16_8d092c6c9946b687db09ec894813eed3_cryptolocker
-
Size
41KB
-
Sample
240616-rwfgvswhrd
-
MD5
8d092c6c9946b687db09ec894813eed3
-
SHA1
ebeeaa4e4216535d7ab9cf06f238824057f6bf02
-
SHA256
8f7e8810121b11948c5a2ec578907c78329aa95a7967bdf43604e283522bc4a7
-
SHA512
d7fa1688f32d977f93cf0ac033afffb918d2b3d68c379714277004388dccb7aaec64e1f41c922466805fb37d958c94561ac8522f44fb8cee5bab07026967aaad
-
SSDEEP
768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYL:qDdFJy3QMOtEvwDpjjWMl7TS
Behavioral task
behavioral1
Sample
2024-06-16_8d092c6c9946b687db09ec894813eed3_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-06-16_8d092c6c9946b687db09ec894813eed3_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-16_8d092c6c9946b687db09ec894813eed3_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-