Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-09-29_70815a7030d24598df9c0a6ffeef3910_cryptolocker
-
Size
32KB
-
Sample
240929-w63glayfnh
-
MD5
70815a7030d24598df9c0a6ffeef3910
-
SHA1
8cd1a705952b9365083035279cef3ba17177139e
-
SHA256
dc80b61f9be0c91ee87b1f35c6feed0339feaa33910fc46ee51a26f0ff677a36
-
SHA512
7fac033d2d89d5dd46d8e4218d6436fdd0bb1f77a4888ef5e9148bf9bf893852045f7dc479bf5fd70429a6b87537265dacfc57d9342ed45118059b0f1ca6f6bf
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznBSGcu2:b/yC4GyNM01GuQMNXw2PSj4u2
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-29_70815a7030d24598df9c0a6ffeef3910_cryptolocker.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-09-29_70815a7030d24598df9c0a6ffeef3910_cryptolocker.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-09-29_70815a7030d24598df9c0a6ffeef3910_cryptolocker
-
Size
32KB
-
MD5
70815a7030d24598df9c0a6ffeef3910
-
SHA1
8cd1a705952b9365083035279cef3ba17177139e
-
SHA256
dc80b61f9be0c91ee87b1f35c6feed0339feaa33910fc46ee51a26f0ff677a36
-
SHA512
7fac033d2d89d5dd46d8e4218d6436fdd0bb1f77a4888ef5e9148bf9bf893852045f7dc479bf5fd70429a6b87537265dacfc57d9342ed45118059b0f1ca6f6bf
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznBSGcu2:b/yC4GyNM01GuQMNXw2PSj4u2
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-