Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-28_c5bec8b4337f2592cdae3d0068474239_cryptolocker
-
Size
36KB
-
Sample
240328-ddpqxsde41
-
MD5
c5bec8b4337f2592cdae3d0068474239
-
SHA1
a5e16873b06c78e1ed35e378143147dadcd0aff8
-
SHA256
07fa684ed0aa1894033b46c251b6adeedcd2b1fef033dd30ee89a132801394cc
-
SHA512
c488a4c19f378660677c240249dd4a8082ee730a22be3cb2a04980aca49f5f6cca368d80919374e0b298cb0b0c5a11177804ce5fec82903f223642e72bf2908b
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IuxNXTY:b/yC4GyNM01GuQMNXw2PSj1Pqq8tjY
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_c5bec8b4337f2592cdae3d0068474239_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_c5bec8b4337f2592cdae3d0068474239_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-28_c5bec8b4337f2592cdae3d0068474239_cryptolocker
-
Size
36KB
-
MD5
c5bec8b4337f2592cdae3d0068474239
-
SHA1
a5e16873b06c78e1ed35e378143147dadcd0aff8
-
SHA256
07fa684ed0aa1894033b46c251b6adeedcd2b1fef033dd30ee89a132801394cc
-
SHA512
c488a4c19f378660677c240249dd4a8082ee730a22be3cb2a04980aca49f5f6cca368d80919374e0b298cb0b0c5a11177804ce5fec82903f223642e72bf2908b
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IuxNXTY:b/yC4GyNM01GuQMNXw2PSj1Pqq8tjY
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-