Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-03-28...er.exe

windows7-x64

9

2024-03-28...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-28_c5bec8b4337f2592cdae3d0068474239_cryptolocker

  • Size

    36KB

  • Sample

    240328-ddpqxsde41

  • MD5

    c5bec8b4337f2592cdae3d0068474239

  • SHA1

    a5e16873b06c78e1ed35e378143147dadcd0aff8

  • SHA256

    07fa684ed0aa1894033b46c251b6adeedcd2b1fef033dd30ee89a132801394cc

  • SHA512

    c488a4c19f378660677c240249dd4a8082ee730a22be3cb2a04980aca49f5f6cca368d80919374e0b298cb0b0c5a11177804ce5fec82903f223642e72bf2908b

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IuxNXTY:b/yC4GyNM01GuQMNXw2PSj1Pqq8tjY

Score
10/10
discovery

Malware Config

Targets

    • Target

      2024-03-28_c5bec8b4337f2592cdae3d0068474239_cryptolocker

    • Size

      36KB

    • MD5

      c5bec8b4337f2592cdae3d0068474239

    • SHA1

      a5e16873b06c78e1ed35e378143147dadcd0aff8

    • SHA256

      07fa684ed0aa1894033b46c251b6adeedcd2b1fef033dd30ee89a132801394cc

    • SHA512

      c488a4c19f378660677c240249dd4a8082ee730a22be3cb2a04980aca49f5f6cca368d80919374e0b298cb0b0c5a11177804ce5fec82903f223642e72bf2908b

    • SSDEEP

      384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8IuxNXTY:b/yC4GyNM01GuQMNXw2PSj1Pqq8tjY

    Score
    9/10
    discovery

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks