7e9763a66e4cbf95f130ba939afdcfe0f8405439b0e4abfe0de8072046a1fd5e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-04-21...er.exe

windows7-x64

9

2024-04-21...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker
Size

42KB
Sample

240421-1e7z8aca4t
MD5

63cbc0544b23818a07be40e04ce9114e
SHA1

535100d763aaf678c765034b7c45a7a74262e9aa
SHA256

7e9763a66e4cbf95f130ba939afdcfe0f8405439b0e4abfe0de8072046a1fd5e
SHA512

ae6c82c5c3ee43d88e03ee18a75d631f684431f165969ccab76bd1ebfe758d3d002d8f5f4fbea297a112119f852373a2ff1d0c66c250ba5a613616891f38d3ce
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAekL:b/pYayGig5HjS3NPAekL

Score

10^/10

discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-21_63cbc0544b23818a07be40e04ce9114e_cryptolocker
- Size
  
  42KB
- MD5
  
  63cbc0544b23818a07be40e04ce9114e
- SHA1
  
  535100d763aaf678c765034b7c45a7a74262e9aa
- SHA256
  
  7e9763a66e4cbf95f130ba939afdcfe0f8405439b0e4abfe0de8072046a1fd5e
- SHA512
  
  ae6c82c5c3ee43d88e03ee18a75d631f684431f165969ccab76bd1ebfe758d3d002d8f5f4fbea297a112119f852373a2ff1d0c66c250ba5a613616891f38d3ce
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAekL:b/pYayGig5HjS3NPAekL
Score

9^/10

discovery
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.