General
-
Target
2024-03-14_61f3d6546ea0fb154ab5cc9da945c7ed_cryptolocker
-
Size
41KB
-
Sample
240314-kja82sfa9w
-
MD5
61f3d6546ea0fb154ab5cc9da945c7ed
-
SHA1
376460e977a712b675573b4006bc0fdcb15740cb
-
SHA256
7ee88337c85d2332da3fe1b1aaab8f2593cfb3d08afddef49a4e483895f38618
-
SHA512
86cae49ab161a26df6cd636f16a5af6e0721401967a788979015f90fcdca7fcf1817666c343c7bf4021efc6c911b522720d9359e10cad158ec7c5d85218da543
-
SSDEEP
768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9Do:b/pYayGig5HjS3NPA9Do
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-14_61f3d6546ea0fb154ab5cc9da945c7ed_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-03-14_61f3d6546ea0fb154ab5cc9da945c7ed_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-14_61f3d6546ea0fb154ab5cc9da945c7ed_cryptolocker
-
Score
9/10
-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-