172e0e19d11945dc74b6a9e86c1f780c36a734baefef8b1d9fcc7dcd0094e102 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-04-25...er.exe

windows7-x64

9

2024-04-25...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-04-25_546963be6711bbbbd5e0000766a7fcbf_cryptolocker
Size

34KB
Sample

240425-a6n4bacd49
MD5

546963be6711bbbbd5e0000766a7fcbf
SHA1

1b48264243047b0e6c3f1a349e773fc487b2220f
SHA256

172e0e19d11945dc74b6a9e86c1f780c36a734baefef8b1d9fcc7dcd0094e102
SHA512

77f422da015adab6b621cdb28df9c52a9d86d8b3bceb07a50f49293d1c825b00fb0caadae76524fa8b416d1ae48c2693c2f617b5a748995b898558ebc4bf0fbf
SSDEEP

384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunvsY0j:bA74zYcgT/Ekd0ryfjPIunvsrj

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-04-25_546963be6711bbbbd5e0000766a7fcbf_cryptolocker.exe

Resource

win7-20240220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-25_546963be6711bbbbd5e0000766a7fcbf_cryptolocker.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-25_546963be6711bbbbd5e0000766a7fcbf_cryptolocker
- Size
  
  34KB
- MD5
  
  546963be6711bbbbd5e0000766a7fcbf
- SHA1
  
  1b48264243047b0e6c3f1a349e773fc487b2220f
- SHA256
  
  172e0e19d11945dc74b6a9e86c1f780c36a734baefef8b1d9fcc7dcd0094e102
- SHA512
  
  77f422da015adab6b621cdb28df9c52a9d86d8b3bceb07a50f49293d1c825b00fb0caadae76524fa8b416d1ae48c2693c2f617b5a748995b898558ebc4bf0fbf
- SSDEEP
  
  384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunvsY0j:bA74zYcgT/Ekd0ryfjPIunvsrj
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy