ddfafe8b76a491aceea6883e3ae5a40e18beb2eb5d187694a97bc0ed7209eb92 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-03-08...er.exe

windows7-x64

9

2024-03-08...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-03-08_fe8c56ac995df6fc0e5ed48e985c672c_cryptolocker
Size

43KB
Sample

240308-dtzaasea92
MD5

fe8c56ac995df6fc0e5ed48e985c672c
SHA1

e7d86b9ecc7d2602fd99c0ea3b909a07e9923162
SHA256

ddfafe8b76a491aceea6883e3ae5a40e18beb2eb5d187694a97bc0ed7209eb92
SHA512

37bad198d433ec75e9655118390110a8f6e98a6adf7e09db2e976f89a5bad5117c2e20bfddf19b027bee5a038a677d273b9af1d08423980cb13d392b2f43f865
SSDEEP

768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YO6ILRD:V6QFElP6n+gMQMOtEvwDpjyaYaFAz6D

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-03-08_fe8c56ac995df6fc0e5ed48e985c672c_cryptolocker.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-08_fe8c56ac995df6fc0e5ed48e985c672c_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-08_fe8c56ac995df6fc0e5ed48e985c672c_cryptolocker
- Size
  
  43KB
- MD5
  
  fe8c56ac995df6fc0e5ed48e985c672c
- SHA1
  
  e7d86b9ecc7d2602fd99c0ea3b909a07e9923162
- SHA256
  
  ddfafe8b76a491aceea6883e3ae5a40e18beb2eb5d187694a97bc0ed7209eb92
- SHA512
  
  37bad198d433ec75e9655118390110a8f6e98a6adf7e09db2e976f89a5bad5117c2e20bfddf19b027bee5a038a677d273b9af1d08423980cb13d392b2f43f865
- SSDEEP
  
  768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5aFr7YO6ILRD:V6QFElP6n+gMQMOtEvwDpjyaYaFAz6D
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy