b163b8fa47e875db4600bedc4d305f586d54ee5d74ce82451a70820403f93947 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

5

2024-10-10...er.exe

windows7-x64

7

2024-10-10...er.exe

windows10-2004-x64

7

Sharing

General

Target

2024-10-10_6b28d3e861eaf92a7b5fff17550986eb_cryptolocker
Size

46KB
Sample

241010-df1wzawbmf
MD5

6b28d3e861eaf92a7b5fff17550986eb
SHA1

f31b8d4839cc5427c2f1eddc7555f20af87b6cd0
SHA256

b163b8fa47e875db4600bedc4d305f586d54ee5d74ce82451a70820403f93947
SHA512

bb78f73ad292558bf78e6c6f6ded45d9d01deb1ec09dd087b1c6f8436bfbeb4796c7fae5dcfa5309f2814d65aefa5025128fe9810b9882eec5793cf19ea5ecc2
SSDEEP

768:bODOw9UiamWUB2preAr+OfjH/0STX73OBqO6:bODOw9acifH+Yt

Score

7^/10

discovery upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-10-10_6b28d3e861eaf92a7b5fff17550986eb_cryptolocker.exe

Resource

win7-20240903-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-10-10_6b28d3e861eaf92a7b5fff17550986eb_cryptolocker.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-10-10_6b28d3e861eaf92a7b5fff17550986eb_cryptolocker
- Size
  
  46KB
- MD5
  
  6b28d3e861eaf92a7b5fff17550986eb
- SHA1
  
  f31b8d4839cc5427c2f1eddc7555f20af87b6cd0
- SHA256
  
  b163b8fa47e875db4600bedc4d305f586d54ee5d74ce82451a70820403f93947
- SHA512
  
  bb78f73ad292558bf78e6c6f6ded45d9d01deb1ec09dd087b1c6f8436bfbeb4796c7fae5dcfa5309f2814d65aefa5025128fe9810b9882eec5793cf19ea5ecc2
- SSDEEP
  
  768:bODOw9UiamWUB2preAr+OfjH/0STX73OBqO6:bODOw9acifH+Yt
Score

7^/10

discovery upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy