General
Target: 2024-01-06_991663f006fd52ff7ed40b190f47f8cf_cryptolocker
Size: 32KB
Sample: 240107-pd344afbh6
MD5: 991663f006fd52ff7ed40b190f47f8cf
SHA1: fb768c7e137ad1e454836a7fe52f2847b9667655
SHA256: 87c90d4dc3d0897bb632926b47804e070181a645bea817ed823dba498665fee2
SHA512: d4cc95361de6b5ca067ea963f5bb7fd660f127edd952221e8e890dd72ba2e4fd43b53be3a3daa2500efa02dbd3ddc60e4560576b07d417e701d4d42a68195a63
SSDEEP: 384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznHzl6AmflxB:b/yC4GyNM01GuQMNXw2PSjHWzB
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-01-06_991663f006fd52ff7ed40b190f47f8cf_cryptolocker.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-01-06_991663f006fd52ff7ed40b190f47f8cf_cryptolocker.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-06_991663f006fd52ff7ed40b190f47f8cf_cryptolocker
Score: 7/10

Checks computer location settings
  Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.