Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-03-10...er.exe

windows7-x64

9

2024-03-10...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-10_5f4e44dc44598b55c11d0cedcc2c2cce_cryptolocker

  • Size

    86KB

  • Sample

    240310-yjgmqabb5w

  • MD5

    5f4e44dc44598b55c11d0cedcc2c2cce

  • SHA1

    e61072c65dce52e60bb260353b13f097f736f292

  • SHA256

    e21da9d618cb9f96f516f8144996709e72c8be39bd0e88ec3b1d74104ea427f8

  • SHA512

    4d7e457634024f150bb4eba02704665670413a54a3ce4b506b3d2bda1d53ebedf86e395c87da4258a3cecc2677eb7f6e80700aae1f611d33ac626800ba2789c9

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvzkxrG:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8zB

Score
10/10

Malware Config

Targets

    • Target

      2024-03-10_5f4e44dc44598b55c11d0cedcc2c2cce_cryptolocker

    • Size

      86KB

    • MD5

      5f4e44dc44598b55c11d0cedcc2c2cce

    • SHA1

      e61072c65dce52e60bb260353b13f097f736f292

    • SHA256

      e21da9d618cb9f96f516f8144996709e72c8be39bd0e88ec3b1d74104ea427f8

    • SHA512

      4d7e457634024f150bb4eba02704665670413a54a3ce4b506b3d2bda1d53ebedf86e395c87da4258a3cecc2677eb7f6e80700aae1f611d33ac626800ba2789c9

    • SSDEEP

      768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvzkxrG:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8zB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks