Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2272954a2c...5a.exe

windows7-x64

10

72716d15ea...21.exe

windows7-x64

7

Bit Paymer.exe

windows7-x64

10

KeepCalm.exe

windows7-x64

1

LockedIn.exe

windows7-x64

9

NotPetya.dll

windows7-x64

10

Purge.exe

windows7-x64

1

Scarab.exe

windows7-x64

10

a631ad1b1a...4b.exe

windows7-x64

6

a9053a3a52...bc.exe

windows7-x64

7

b764629e1f...1c.exe

windows7-x64

10

cf89f70633...5c.exe

windows7-x64

1

e951e82867...50.exe

windows7-x64

1

fa0c321e1a...d2.exe

windows7-x64

9

fc184274ad...27.exe

windows7-x64

10

Resubmissions

18/07/2024, 07:25 UTC

240718-h84wjs1hpb 10

18/07/2024, 07:19 UTC

240718-h51pqa1gng 10

17/07/2024, 20:55 UTC

240717-zqkhmaydmq 10

17/07/2024, 19:21 UTC

240717-x2pwdaycjb 10

Analysis

  • max time kernel
    1559s
  • max time network
    1560s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    17/07/2024, 19:21 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LockedIn.exe

  • Size

    650KB

  • MD5

    e9e34a4dbf0c9fe5fb595b0282b0b4f0

  • SHA1

    4f3f6bc4aff97eecb9ab52d47520e248c618da45

  • SHA256

    613af1bf17a11dbf12849568ce08186cc4109a5cdb32d0bcce7c1bd81306f5c6

  • SHA512

    b234f7a6fef8eb3153da20b1c9f668a8177e489817b1e7e36a572fbfc7dc3604f5cd509f5ff7087f4d3a2e3c1a5a0c7e93ae571be11c70732b1078ba8050a119

  • SSDEEP

    12288:dl6aKEZf4r/s6IzjtyHQDWcFXXGmmBJ0d35O3CEkk4zglJaKfZf4m:dlNCr/sFFmmmHIpKCEx4sljCm

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (56) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\LockedIn.exe
    "C:\Users\Admin\AppData\Local\Temp\LockedIn.exe"
    1⤵
      PID:772

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\Desktop\LimitEdit.xlsx
      Filesize

      10KB

      MD5

      fedb43c651365c6d80ef42b8294a8bf3

      SHA1

      b16b988f389bd973acc6f05623df7189700eb700

      SHA256

      f4d003c4b9e0f4c40c9b7216d63ae70e2689936631f3939923b4299a53d0be94

      SHA512

      a5ba6efa55b8f6c3176b2099d9a714cb21d8b33c6d58574c1d5a665e5a757539a10dc753d3b585b0a41ef98f2a1a3b16d3cbdd2ac8473f8f1d3bb7d0997e0eb7

      Download Submit

    • memory/772-0-0x000007FEF666E000-0x000007FEF666F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/772-1-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/772-2-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/772-3-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/772-5-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/772-4-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/772-12-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/772-119-0x000007FEF666E000-0x000007FEF666F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/772-120-0x000007FEF63B0000-0x000007FEF6D4D000-memory.dmp

      Filesize

      9.6MB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.