General
-
Target
2024-01-09_c308eb4f4aec70b51f6159d350deef04_cryptolocker
-
Size
32KB
-
Sample
240110-gqt3yshcbp
-
MD5
c308eb4f4aec70b51f6159d350deef04
-
SHA1
d5db9d5ac929f1750416f7f60d5160e367de3fce
-
SHA256
755c4b2f88a23980f7c2575183c38c87a1ba4eeedc7e40543a22bb04aea207b3
-
SHA512
201cc354439207ea1bb2ff96288881be79620c99ec64dc622b974eb893236eeef19874fbcabf94f5365067b1e167ad1a80e2a77db01131bc6375054d4928d019
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStwIoIQ+dHd9PRG:b/yC4GyNM01GuQMNXw2PSjS2uvdHd90
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-09_c308eb4f4aec70b51f6159d350deef04_cryptolocker.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-09_c308eb4f4aec70b51f6159d350deef04_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-09_c308eb4f4aec70b51f6159d350deef04_cryptolocker
-
Size
32KB
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-