General
Target: 2024-06-25_7b3150834ae0eb4b44dbafc9ffaa026d_cryptolocker
Size: 54KB
Sample: 240625-2av1jaxcnf
MD5: 7b3150834ae0eb4b44dbafc9ffaa026d
SHA1: d084a4cda5efde844bb2734a6a7a4a75077c0256
SHA256: 606250304f55e21f0f3a4ed0d3d0807f2fca7fb84b296417787b216ff66e6742
SHA512: 5f3dc382449a257715034d8dfe1b3675ed84b3e490915bf916ea854a9e0e2b1aa759b2e1a97c2906da86df9ba27a1e7e90dab2a19b41ca0906c22bd1b1ec5223
SSDEEP: 768:bco/2n1TCraU6GD1P2wZEjbhxnbcuyD7U9kXDn62tH/1/LpPFP5:b7/y28wZEjbnouy8G76iH/NLpz
Behavioral task: behavioral1
Sample: 2024-06-25_7b3150834ae0eb4b44dbafc9ffaa026d_cryptolocker.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-06-25_7b3150834ae0eb4b44dbafc9ffaa026d_cryptolocker.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-25_7b3150834ae0eb4b44dbafc9ffaa026d_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
UPX dump on OEP (original entry point)
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL