Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-02-03...er.exe

windows7-x64

9

2024-02-03...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-03_018ea4d649a9832ba28c440ca7d9a3f3_cryptolocker

  • Size

    38KB

  • Sample

    240203-wzb13ahggp

  • MD5

    018ea4d649a9832ba28c440ca7d9a3f3

  • SHA1

    a8a88f98da29629102bd4614e77e40321c513b51

  • SHA256

    1d023d7f4fb25ffcb7249d44ce7f57ac812e1bb71ad7ce4f772d5f4dc399e197

  • SHA512

    dd3b0943bd3994410f3667e8cd4cdbdae091905f9922209500bbd89bb178c2c1df3bd33ba5d161de50616dce85e2c47eb9c81fba8873f1b4ecbfbfe947e24e61

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/ysz1:i5nkFGMOtEvwDpjR+viDz1

Score
10/10

Malware Config

Targets

    • Target

      2024-02-03_018ea4d649a9832ba28c440ca7d9a3f3_cryptolocker

    • Size

      38KB

    • MD5

      018ea4d649a9832ba28c440ca7d9a3f3

    • SHA1

      a8a88f98da29629102bd4614e77e40321c513b51

    • SHA256

      1d023d7f4fb25ffcb7249d44ce7f57ac812e1bb71ad7ce4f772d5f4dc399e197

    • SHA512

      dd3b0943bd3994410f3667e8cd4cdbdae091905f9922209500bbd89bb178c2c1df3bd33ba5d161de50616dce85e2c47eb9c81fba8873f1b4ecbfbfe947e24e61

    • SSDEEP

      768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/ysz1:i5nkFGMOtEvwDpjR+viDz1

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks