Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-10-05_b1eca4ae906fd5778427633d4588a1de_cryptolocker
-
Size
30KB
-
Sample
241005-1pdt5atell
-
MD5
b1eca4ae906fd5778427633d4588a1de
-
SHA1
ba958fe4df7fa970072ebb0c292ed65474436973
-
SHA256
97e614ba95c1ff59ca4b0a2c810d23a032db15b87b3f085b7f8df8a8864e1c1e
-
SHA512
26faafc49438bb8b5449730554b579d7a3ca80162d3d6b3be2bb38b9238d2032b93c1e827cf908c2c559bdf77c7255de89f75391a336604eca69049377d5fbb0
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznCa:b/yC4GyNM01GuQMNXw2PSjH
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-05_b1eca4ae906fd5778427633d4588a1de_cryptolocker.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-10-05_b1eca4ae906fd5778427633d4588a1de_cryptolocker.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
2024-10-05_b1eca4ae906fd5778427633d4588a1de_cryptolocker
-
Size
30KB
-
MD5
b1eca4ae906fd5778427633d4588a1de
-
SHA1
ba958fe4df7fa970072ebb0c292ed65474436973
-
SHA256
97e614ba95c1ff59ca4b0a2c810d23a032db15b87b3f085b7f8df8a8864e1c1e
-
SHA512
26faafc49438bb8b5449730554b579d7a3ca80162d3d6b3be2bb38b9238d2032b93c1e827cf908c2c559bdf77c7255de89f75391a336604eca69049377d5fbb0
-
SSDEEP
384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznCa:b/yC4GyNM01GuQMNXw2PSjH
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-