Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-24_f85e6265972e576a2b3ecae32f80e926_cryptolocker
-
Size
33KB
-
Sample
240124-bbrfmaeea7
-
MD5
f85e6265972e576a2b3ecae32f80e926
-
SHA1
954d83977a2a048bed1ff5b2a7e5bfdd0dc94db2
-
SHA256
e54c58a42bd491658cf9e384629065560208f8d26bc08012e94059dbf0f7d115
-
SHA512
c54e6a2736e4f546390537f42d03321f89792251ce26074eb0ff78ed360e2d4e1dc23fe7afc8c7c352e2b3aab25d41166de1e188fe5d7f8d1efd12114a16af5e
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZxZ:b/yC4GyNM01GuQMNXw2PSj1PPZ
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-24_f85e6265972e576a2b3ecae32f80e926_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-24_f85e6265972e576a2b3ecae32f80e926_cryptolocker.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-24_f85e6265972e576a2b3ecae32f80e926_cryptolocker
-
Size
33KB
-
MD5
f85e6265972e576a2b3ecae32f80e926
-
SHA1
954d83977a2a048bed1ff5b2a7e5bfdd0dc94db2
-
SHA256
e54c58a42bd491658cf9e384629065560208f8d26bc08012e94059dbf0f7d115
-
SHA512
c54e6a2736e4f546390537f42d03321f89792251ce26074eb0ff78ed360e2d4e1dc23fe7afc8c7c352e2b3aab25d41166de1e188fe5d7f8d1efd12114a16af5e
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZxZ:b/yC4GyNM01GuQMNXw2PSj1PPZ
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-