Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-03-15_a44ee9c467d45ed3d8e86ec165017539_ransomlock
-
Size
436KB
-
Sample
240315-lz74dsfg27
-
MD5
a44ee9c467d45ed3d8e86ec165017539
-
SHA1
efbbf15fb3466d78e8a57d24da3a05b9a4a33453
-
SHA256
4526ae4561821d6b114ad8e12c0ed0bd416fe890ede8b75c875026640a8b866e
-
SHA512
9d56372cd224ef3eb70678ed1be0578326de0307a7cc7e1b06a7ad3987640a97a6df39e13c310eaa725893f7fd622522838c81e16c88a02ac1094cb3bb36c0bd
-
SSDEEP
12288:7MSU4joci8M6PW1GVFeFd60DFUyhezYM:ASUCpM2W1Gvgmyezv
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-15_a44ee9c467d45ed3d8e86ec165017539_ransomlock.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-15_a44ee9c467d45ed3d8e86ec165017539_ransomlock.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-15_a44ee9c467d45ed3d8e86ec165017539_ransomlock
-
Size
436KB
-
MD5
a44ee9c467d45ed3d8e86ec165017539
-
SHA1
efbbf15fb3466d78e8a57d24da3a05b9a4a33453
-
SHA256
4526ae4561821d6b114ad8e12c0ed0bd416fe890ede8b75c875026640a8b866e
-
SHA512
9d56372cd224ef3eb70678ed1be0578326de0307a7cc7e1b06a7ad3987640a97a6df39e13c310eaa725893f7fd622522838c81e16c88a02ac1094cb3bb36c0bd
-
SSDEEP
12288:7MSU4joci8M6PW1GVFeFd60DFUyhezYM:ASUCpM2W1Gvgmyezv
Score10/10-
Modifies WinLogon for persistence
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-