Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-02-24...er.exe

windows7-x64

9

2024-02-24...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-24_e72a0ef66c27e126b8e75230c38d1d38_cryptolocker

  • Size

    47KB

  • Sample

    240224-wvsg9abd3w

  • MD5

    e72a0ef66c27e126b8e75230c38d1d38

  • SHA1

    f48ee26cc161524f90167a0b0804fc734b930529

  • SHA256

    32fda8b49387b8f70a7ae7edd87cbc13c7a1e4d814c06c42f0247022f4bf2b08

  • SHA512

    61b7311f54804fb7400f5a8b0c34d6f66795aef08cf1f1b412cce3fcd393745532d47a95834b697987e66d33d17f6ae1b82a18906d394726f31d2e92e7343c4e

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mo2p5:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ0

Score
10/10

Malware Config

Targets

    • Target

      2024-02-24_e72a0ef66c27e126b8e75230c38d1d38_cryptolocker

    • Size

      47KB

    • MD5

      e72a0ef66c27e126b8e75230c38d1d38

    • SHA1

      f48ee26cc161524f90167a0b0804fc734b930529

    • SHA256

      32fda8b49387b8f70a7ae7edd87cbc13c7a1e4d814c06c42f0247022f4bf2b08

    • SHA512

      61b7311f54804fb7400f5a8b0c34d6f66795aef08cf1f1b412cce3fcd393745532d47a95834b697987e66d33d17f6ae1b82a18906d394726f31d2e92e7343c4e

    • SSDEEP

      768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Mo2p5:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ0

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks