f59e317bf02593ae4ba5933bb8a2ade13dbb712452827986e3b081cc64547130 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-01-26...er.exe

windows7-x64

9

2024-01-26...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-01-26_e9b45da180e0af7cc8624faa62c27c92_cryptolocker
Size

47KB
Sample

240126-d8cpvaefbm
MD5

e9b45da180e0af7cc8624faa62c27c92
SHA1

51f643010fe430baccb3305189046feaaf30a8f7
SHA256

f59e317bf02593ae4ba5933bb8a2ade13dbb712452827986e3b081cc64547130
SHA512

0b418c2747df492df5530e805e1d14cbc093cc5f0b4f692f14256788c2ab5d6978a12f33b7fa6b307859d5d01401c7ab71d35497bc160a22b3a4c51f0f174d7e
SSDEEP

384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/3lQIqq:XS5nQJ24LR1bytOOtEvwDpjNbP/3lA0

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-01-26_e9b45da180e0af7cc8624faa62c27c92_cryptolocker.exe

Resource

win7-20231215-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-01-26_e9b45da180e0af7cc8624faa62c27c92_cryptolocker.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-01-26_e9b45da180e0af7cc8624faa62c27c92_cryptolocker
- Size
  
  47KB
- MD5
  
  e9b45da180e0af7cc8624faa62c27c92
- SHA1
  
  51f643010fe430baccb3305189046feaaf30a8f7
- SHA256
  
  f59e317bf02593ae4ba5933bb8a2ade13dbb712452827986e3b081cc64547130
- SHA512
  
  0b418c2747df492df5530e805e1d14cbc093cc5f0b4f692f14256788c2ab5d6978a12f33b7fa6b307859d5d01401c7ab71d35497bc160a22b3a4c51f0f174d7e
- SSDEEP
  
  384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/3lQIqq:XS5nQJ24LR1bytOOtEvwDpjNbP/3lA0
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Detects executables built or packed with MPress PE compressor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy