Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2024-04-18...er.exe

windows7-x64

9

2024-04-18...er.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-18_a8d868015f7e24b2465e0965b9813c7e_cryptolocker

  • Size

    389KB

  • Sample

    240418-rtf1lsgg7w

  • MD5

    a8d868015f7e24b2465e0965b9813c7e

  • SHA1

    15177c110117f13c6d4511a19afd2a8560096fcd

  • SHA256

    599d0f1f85d606dac4d4c98efcc3e9f0162c0d53321143dfaab07fc2fb0454b4

  • SHA512

    80dcf56b2599d9f89365a3746dbccd26687a1797396c240a89dc720fa7e547c3c831fd7b3e9425e71bc0d3f185164bff3a45b54abbdf787db8c79d52561f43c2

  • SSDEEP

    6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXb:nnOflT/ZFIjBz3xjTxynGUOUhXb

Score
10/10

Malware Config

Targets

    • Target

      2024-04-18_a8d868015f7e24b2465e0965b9813c7e_cryptolocker

    • Size

      389KB

    • MD5

      a8d868015f7e24b2465e0965b9813c7e

    • SHA1

      15177c110117f13c6d4511a19afd2a8560096fcd

    • SHA256

      599d0f1f85d606dac4d4c98efcc3e9f0162c0d53321143dfaab07fc2fb0454b4

    • SHA512

      80dcf56b2599d9f89365a3746dbccd26687a1797396c240a89dc720fa7e547c3c831fd7b3e9425e71bc0d3f185164bff3a45b54abbdf787db8c79d52561f43c2

    • SSDEEP

      6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXb:nnOflT/ZFIjBz3xjTxynGUOUhXb

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks