Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-06-06_a914083371ae35e53c6d83b81a492d41_cryptolocker
-
Size
33KB
-
Sample
240606-ea7b8sgg79
-
MD5
a914083371ae35e53c6d83b81a492d41
-
SHA1
57640e58b1ccf2351a5147e24a64c583b78380d3
-
SHA256
17f98824adba361d0bf07c83a796d4f500e691c5fcf850406fef9a231224c1b5
-
SHA512
7db13aab1b3453bad7f753700e55c3fbbcf5b48866153ba622ed7d970b021f902c4411051970869c4fbd629abb3e683fb388cc060d91f6eaf1d6be390b66ac9a
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStEkcsgYl:b/yC4GyNM01GuQMNXw2PSjSKkcJYl
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-06_a914083371ae35e53c6d83b81a492d41_cryptolocker.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-06-06_a914083371ae35e53c6d83b81a492d41_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-06_a914083371ae35e53c6d83b81a492d41_cryptolocker
-
Size
33KB
-
MD5
a914083371ae35e53c6d83b81a492d41
-
SHA1
57640e58b1ccf2351a5147e24a64c583b78380d3
-
SHA256
17f98824adba361d0bf07c83a796d4f500e691c5fcf850406fef9a231224c1b5
-
SHA512
7db13aab1b3453bad7f753700e55c3fbbcf5b48866153ba622ed7d970b021f902c4411051970869c4fbd629abb3e683fb388cc060d91f6eaf1d6be390b66ac9a
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznStEkcsgYl:b/yC4GyNM01GuQMNXw2PSjSKkcJYl
Score9/10-
Detection of CryptoLocker Variants
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-