045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-10-12...it.exe

windows7-x64

7

2024-10-12...it.exe

windows10-2004-x64

7

Sharing

General

Target

2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit
Size

276KB
Sample

241012-fmjblsvckg
MD5

789eeeba04ac520bdf118659020cde7a
SHA1

333adcbc1b985154bc73b5bdbddbfff18f2468e1
SHA256

045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace
SHA512

49e462ac567318cdb71708692b05241076ea847ca470ec296f9339698e4665cf98ee12c25f8e4469304b5e3753e77158b337a6632837663f312114e5825fe98b
SSDEEP

6144:jGpV1z8QtGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:qpVaRpPpVaxy0bOM7np+e31

Score

7^/10

defense_evasion discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit.exe

Resource

win7-20240708-en

defense_evasion discovery

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit.exe

Resource

win10v2004-20241007-en

defense_evasion discovery

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit
- Size
  
  276KB
- MD5
  
  789eeeba04ac520bdf118659020cde7a
- SHA1
  
  333adcbc1b985154bc73b5bdbddbfff18f2468e1
- SHA256
  
  045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace
- SHA512
  
  49e462ac567318cdb71708692b05241076ea847ca470ec296f9339698e4665cf98ee12c25f8e4469304b5e3753e77158b337a6632837663f312114e5825fe98b
- SSDEEP
  
  6144:jGpV1z8QtGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:qpVaRpPpVaxy0bOM7np+e31
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Safe Mode Boot

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.