Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

A2-Cryptor.cmd

windows7-x64

6

A2-Cryptor.cmd

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    A2-Cryptor.cmd

  • Size

    32KB

  • Sample

    230530-a8qpxsec49

  • MD5

    e031c713842d1db79d96101f8c0cf523

  • SHA1

    f97ce721472dd931998b272eeeec4e31cfedbfa5

  • SHA256

    30c4ed4509726173dfbb176a35e6cbc70b97cc7cad46c615e8bf89ad653b9ce6

  • SHA512

    a97a688c0663d2937377eb379da4e5cbdea9b28d09611a634b66cfb251091890722d160b44154fe073c4a5eb89b5dee27f06e17b0b3aea96b2bab8ef03d5360e

  • SSDEEP

    768:5yZE+8xnU25JWrmk2g9Ta1wCvKinXKCuY:5tU25J+a1hvhaCP

Score
7/10
ransomware

Malware Config

Targets

    • Target

      A2-Cryptor.cmd

    • Size

      32KB

    • MD5

      e031c713842d1db79d96101f8c0cf523

    • SHA1

      f97ce721472dd931998b272eeeec4e31cfedbfa5

    • SHA256

      30c4ed4509726173dfbb176a35e6cbc70b97cc7cad46c615e8bf89ad653b9ce6

    • SHA512

      a97a688c0663d2937377eb379da4e5cbdea9b28d09611a634b66cfb251091890722d160b44154fe073c4a5eb89b5dee27f06e17b0b3aea96b2bab8ef03d5360e

    • SSDEEP

      768:5yZE+8xnU25JWrmk2g9Ta1wCvKinXKCuY:5tU25J+a1hvhaCP

    Score
    7/10
    ransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks