dec4157e1d59642cadcd26c326b28e79c6ccd3d20108d4830eca9f94eb9ae890 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-03-12...er.exe

windows7-x64

9

2024-03-12...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-03-12_40bbd6e7653f0baaeff3dcd78aa1d0f3_cryptolocker
Size

55KB
Sample

240312-bx6sfaeb63
MD5

40bbd6e7653f0baaeff3dcd78aa1d0f3
SHA1

e05ad365b9cbfc98075513caebfa11013d8282e0
SHA256

dec4157e1d59642cadcd26c326b28e79c6ccd3d20108d4830eca9f94eb9ae890
SHA512

a26544b7ce3d0225c22ceb807cfc64d67842e22863893b95b445abf1fd7937c05f49b6ae83895db9ada3907168cbf70cf8d8de4ad49e75b9fe83e26622c343b2
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vaTiSfQaV2L0zN/Pcm+X:X6QFElP6n+gJBMOtEvwDpjBtE1yILOkp

Score

10^/10

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-03-12_40bbd6e7653f0baaeff3dcd78aa1d0f3_cryptolocker.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-12_40bbd6e7653f0baaeff3dcd78aa1d0f3_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-12_40bbd6e7653f0baaeff3dcd78aa1d0f3_cryptolocker
- Size
  
  55KB
- MD5
  
  40bbd6e7653f0baaeff3dcd78aa1d0f3
- SHA1
  
  e05ad365b9cbfc98075513caebfa11013d8282e0
- SHA256
  
  dec4157e1d59642cadcd26c326b28e79c6ccd3d20108d4830eca9f94eb9ae890
- SHA512
  
  a26544b7ce3d0225c22ceb807cfc64d67842e22863893b95b445abf1fd7937c05f49b6ae83895db9ada3907168cbf70cf8d8de4ad49e75b9fe83e26622c343b2
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vaTiSfQaV2L0zN/Pcm+X:X6QFElP6n+gJBMOtEvwDpjBtE1yILOkp
Score

9^/10
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy