Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-13_45f65b375fc4683a5deab122b8dd5cba_cryptolocker
-
Size
37KB
-
Sample
240513-r7ygtaah51
-
MD5
45f65b375fc4683a5deab122b8dd5cba
-
SHA1
a09cba61c82c27807b0ea300cd23f9fe928e747b
-
SHA256
0d861d58a3c940bc66be2d598f233cffc59ef2c711b68ba1b63d435a1f2cf610
-
SHA512
6969d9e7d422fc3f5e6ebb7ac57298ae28a33d0da9fef722bb0b8fa214f1bce41a042e5bbc85fea170b6ec42bbc21d3edf80018b25f6ddacd88b5c9abdac9e53
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8INBjP2TwWy:b/yC4GyNM01GuQMNXw2PSj1Pqq8oBjky
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-13_45f65b375fc4683a5deab122b8dd5cba_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-13_45f65b375fc4683a5deab122b8dd5cba_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-13_45f65b375fc4683a5deab122b8dd5cba_cryptolocker
-
Size
37KB
-
MD5
45f65b375fc4683a5deab122b8dd5cba
-
SHA1
a09cba61c82c27807b0ea300cd23f9fe928e747b
-
SHA256
0d861d58a3c940bc66be2d598f233cffc59ef2c711b68ba1b63d435a1f2cf610
-
SHA512
6969d9e7d422fc3f5e6ebb7ac57298ae28a33d0da9fef722bb0b8fa214f1bce41a042e5bbc85fea170b6ec42bbc21d3edf80018b25f6ddacd88b5c9abdac9e53
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8INBjP2TwWy:b/yC4GyNM01GuQMNXw2PSj1Pqq8oBjky
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-