General
Target: 2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker
Size: 42KB
Sample: 240421-1e7z8aca4t
MD5: 63cbc0544b23818a07be40e04ce9114e
SHA1: 535100d763aaf678c765034b7c45a7a74262e9aa
SHA256: 7e9763a66e4cbf95f130ba939afdcfe0f8405439b0e4abfe0de8072046a1fd5e
SHA512: ae6c82c5c3ee43d88e03ee18a75d631f684431f165969ccab76bd1ebfe758d3d002d8f5f4fbea297a112119f852373a2ff1d0c66c250ba5a613616891f38d3ce
SSDEEP: 768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAekL:b/pYayGig5HjS3NPAekL
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker.exe
  Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker
Score: 9/10
Detection of CryptoLocker Variants
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Creates a large amount of network flows: This may indicate a network scan to discover remotely running services.