e95cc2307444ecd53c50abf7cdcbb25ea1bce6850ac3ed5cd988c923f3cf0939 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024-05-24...er.exe

windows7-x64

9

2024-05-24...er.exe

windows10-2004-x64

9

Sharing

General

Target

2024-05-24_fa64b2944373f55f8816c6ef3d226853_cryptolocker
Size

73KB
Sample

240524-qr9dpsfg2w
MD5

fa64b2944373f55f8816c6ef3d226853
SHA1

bc0a066ac49eb562651103201d42b5880a15d2e6
SHA256

e95cc2307444ecd53c50abf7cdcbb25ea1bce6850ac3ed5cd988c923f3cf0939
SHA512

c585fe991e74479b6cc63722ea87e3b91d0c5364b2f0e541673c1bb1a8ad27115558dfbffb0af11cb67f0f8ef9cc4de02760329b5fe3b3ba92bfc93a27cfbe6d
SSDEEP

1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs975:C4Q2c94OtEvwDpj4H8zs

Score

10^/10

upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

2024-05-24_fa64b2944373f55f8816c6ef3d226853_cryptolocker.exe

Resource

win7-20240419-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-24_fa64b2944373f55f8816c6ef3d226853_cryptolocker.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-24_fa64b2944373f55f8816c6ef3d226853_cryptolocker
- Size
  
  73KB
- MD5
  
  fa64b2944373f55f8816c6ef3d226853
- SHA1
  
  bc0a066ac49eb562651103201d42b5880a15d2e6
- SHA256
  
  e95cc2307444ecd53c50abf7cdcbb25ea1bce6850ac3ed5cd988c923f3cf0939
- SHA512
  
  c585fe991e74479b6cc63722ea87e3b91d0c5364b2f0e541673c1bb1a8ad27115558dfbffb0af11cb67f0f8ef9cc4de02760329b5fe3b3ba92bfc93a27cfbe6d
- SSDEEP
  
  1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs975:C4Q2c94OtEvwDpj4H8zs
Score

9^/10

upx
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy