Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-10-10_d4cd2ff91baf898d3afa5c34109e27c8_lockbit
-
Size
93KB
-
Sample
241010-qp1c1sxerf
-
MD5
d4cd2ff91baf898d3afa5c34109e27c8
-
SHA1
bd17e4452b292080cb0087fd4e5b100cccfe1c2d
-
SHA256
b8a646dd0931a3b455c720e4f3a6346447a3b4d7f1d41ff4336d29eac44055e0
-
SHA512
b3104d8f541483d6cfb1897b1cf809be9ed47c951621be830c6abbff6578d40d5e95256a312a8e8a833cec700e6fd9190be1babe306a37aef1cac26496e08687
-
SSDEEP
768:GlKar8kr2D6AKlLO+SNhBgCHDck4MV0ggv8KoETBB9D3xvjHhx4eC7Xj8Qc17/PT:qo/6A0q5HDR4oWBx3xrBx41z8QctT
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-10_d4cd2ff91baf898d3afa5c34109e27c8_lockbit.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-10-10_d4cd2ff91baf898d3afa5c34109e27c8_lockbit.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-10-10_d4cd2ff91baf898d3afa5c34109e27c8_lockbit
-
Size
93KB
-
MD5
d4cd2ff91baf898d3afa5c34109e27c8
-
SHA1
bd17e4452b292080cb0087fd4e5b100cccfe1c2d
-
SHA256
b8a646dd0931a3b455c720e4f3a6346447a3b4d7f1d41ff4336d29eac44055e0
-
SHA512
b3104d8f541483d6cfb1897b1cf809be9ed47c951621be830c6abbff6578d40d5e95256a312a8e8a833cec700e6fd9190be1babe306a37aef1cac26496e08687
-
SSDEEP
768:GlKar8kr2D6AKlLO+SNhBgCHDck4MV0ggv8KoETBB9D3xvjHhx4eC7Xj8Qc17/PT:qo/6A0q5HDR4oWBx3xrBx41z8QctT
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
1Safe Mode Boot
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1