Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-09-05_a39af6887fe61eecee434985a79941e8_cryptolocker
-
Size
41KB
-
Sample
240905-tak7bsvcnb
-
MD5
a39af6887fe61eecee434985a79941e8
-
SHA1
168adcfe5f4adeab9b75f8907319f6cad1e70d1d
-
SHA256
54605d21ce4c018aa3d17738f84df84e3a2889680a3082023ef5748f2d49766b
-
SHA512
bea1a2ef43311d55e796258cb981537182b92529f00768a42dea57db61aad34862bb16cc576bcdd60df5e6df471156439a8f4ad5eef35da94c098dae53cbe206
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IujdxNX6vXzkm:b/yC4GyNM01GuQMNXw2PSj1Pqq8BOwm
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-05_a39af6887fe61eecee434985a79941e8_cryptolocker.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-09-05_a39af6887fe61eecee434985a79941e8_cryptolocker.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-09-05_a39af6887fe61eecee434985a79941e8_cryptolocker
-
Size
41KB
-
MD5
a39af6887fe61eecee434985a79941e8
-
SHA1
168adcfe5f4adeab9b75f8907319f6cad1e70d1d
-
SHA256
54605d21ce4c018aa3d17738f84df84e3a2889680a3082023ef5748f2d49766b
-
SHA512
bea1a2ef43311d55e796258cb981537182b92529f00768a42dea57db61aad34862bb16cc576bcdd60df5e6df471156439a8f4ad5eef35da94c098dae53cbe206
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IujdxNX6vXzkm:b/yC4GyNM01GuQMNXw2PSj1Pqq8BOwm
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-