Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-03-08...er.exe

windows7-x64

9

2024-03-08...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-08_2c0d040453588ba8f73b651dd7b305e8_cryptolocker

  • Size

    46KB

  • Sample

    240308-x6yzvafb81

  • MD5

    2c0d040453588ba8f73b651dd7b305e8

  • SHA1

    ded1c25016cdb58e3c499a2141ba981d646678cc

  • SHA256

    1a8cc06a7133f7d356c4d6b86d71157f339feef99ec5dc7789273ff83f5730c7

  • SHA512

    ed63e72fcd91a6d83af7d3cac635a907bc660d5b7a6988a14bab14edddf7600b6038a89afa0593072ee2aa7fe6f3692c74f1f593aa296e4c2dfd2e7cb24c4eaa

  • SSDEEP

    384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/BdK:XS5nQJ24LR1bytOOtEvwDpjNbP/bK

Score
10/10

Malware Config

Targets

    • Target

      2024-03-08_2c0d040453588ba8f73b651dd7b305e8_cryptolocker

    • Size

      46KB

    • MD5

      2c0d040453588ba8f73b651dd7b305e8

    • SHA1

      ded1c25016cdb58e3c499a2141ba981d646678cc

    • SHA256

      1a8cc06a7133f7d356c4d6b86d71157f339feef99ec5dc7789273ff83f5730c7

    • SHA512

      ed63e72fcd91a6d83af7d3cac635a907bc660d5b7a6988a14bab14edddf7600b6038a89afa0593072ee2aa7fe6f3692c74f1f593aa296e4c2dfd2e7cb24c4eaa

    • SSDEEP

      384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/BdK:XS5nQJ24LR1bytOOtEvwDpjNbP/bK

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks