Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-09-27_456fa0e3c8dac4b0601aae86f24183ea_avoslocker
-
Size
2.0MB
-
Sample
240927-vh8g9ssbrk
-
MD5
456fa0e3c8dac4b0601aae86f24183ea
-
SHA1
b818914aaf00c6817169cfc30f37812b807013e2
-
SHA256
6365be55d95a945a7d126efc1ab301fde9821c799b68a7f957b18fb6c68b118c
-
SHA512
542c28798bf1ca234be2eef5d0fac7138b0baf037b65452abbc6570d3d910b79c4891197328b8fb927bb82c6eb29f42f08f0fcb79caf8c805493b1b6fd09cdd7
-
SSDEEP
49152:lencs7Qc0FK79/Ves7FozshjPHYnsABxi4Dmg27RnWGj:lency/Ves7WwhjPGD527BWG
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-27_456fa0e3c8dac4b0601aae86f24183ea_avoslocker.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2024-09-27_456fa0e3c8dac4b0601aae86f24183ea_avoslocker
-
Size
2.0MB
-
MD5
456fa0e3c8dac4b0601aae86f24183ea
-
SHA1
b818914aaf00c6817169cfc30f37812b807013e2
-
SHA256
6365be55d95a945a7d126efc1ab301fde9821c799b68a7f957b18fb6c68b118c
-
SHA512
542c28798bf1ca234be2eef5d0fac7138b0baf037b65452abbc6570d3d910b79c4891197328b8fb927bb82c6eb29f42f08f0fcb79caf8c805493b1b6fd09cdd7
-
SSDEEP
49152:lencs7Qc0FK79/Ves7FozshjPHYnsABxi4Dmg27RnWGj:lency/Ves7WwhjPGD527BWG
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1