576df2827a30c51a593cd57a8c71d7a087a2ae4707521f50b2936654a7ae0175 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-03-12...er.exe

windows7-x64

9

2024-03-12...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-03-12_35105c62500695ab7a9acf23fcb48626_cryptolocker
Size

34KB
Sample

240312-bxdrnaeb39
MD5

35105c62500695ab7a9acf23fcb48626
SHA1

95854adb6a4393aec600760eeee6eafcf9526126
SHA256

576df2827a30c51a593cd57a8c71d7a087a2ae4707521f50b2936654a7ae0175
SHA512

b93d2a4f4df8e77d18e9ac9240182f85838042696f64d432b0ad7fdbfa98cfa5e09b274ac5beb64ca3004f225d0f71e9acd19def1b1dff8c492b68b4acada59a
SSDEEP

384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJXTQke8SEMMV:bA74zYcgT/Ekd0ryfjQRSNhpSFc

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-03-12_35105c62500695ab7a9acf23fcb48626_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-12_35105c62500695ab7a9acf23fcb48626_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-12_35105c62500695ab7a9acf23fcb48626_cryptolocker
- Size
  
  34KB
- MD5
  
  35105c62500695ab7a9acf23fcb48626
- SHA1
  
  95854adb6a4393aec600760eeee6eafcf9526126
- SHA256
  
  576df2827a30c51a593cd57a8c71d7a087a2ae4707521f50b2936654a7ae0175
- SHA512
  
  b93d2a4f4df8e77d18e9ac9240182f85838042696f64d432b0ad7fdbfa98cfa5e09b274ac5beb64ca3004f225d0f71e9acd19def1b1dff8c492b68b4acada59a
- SSDEEP
  
  384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJXTQke8SEMMV:bA74zYcgT/Ekd0ryfjQRSNhpSFc
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy