Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit
-
Size
276KB
-
Sample
241012-fmjblsvckg
-
MD5
789eeeba04ac520bdf118659020cde7a
-
SHA1
333adcbc1b985154bc73b5bdbddbfff18f2468e1
-
SHA256
045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace
-
SHA512
49e462ac567318cdb71708692b05241076ea847ca470ec296f9339698e4665cf98ee12c25f8e4469304b5e3753e77158b337a6632837663f312114e5825fe98b
-
SSDEEP
6144:jGpV1z8QtGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:qpVaRpPpVaxy0bOM7np+e31
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-10-12_789eeeba04ac520bdf118659020cde7a_lockbit
-
Size
276KB
-
MD5
789eeeba04ac520bdf118659020cde7a
-
SHA1
333adcbc1b985154bc73b5bdbddbfff18f2468e1
-
SHA256
045ca99c9e484a973e4bd404fbbdcc6dca7573d768961123f44d8545d66cdace
-
SHA512
49e462ac567318cdb71708692b05241076ea847ca470ec296f9339698e4665cf98ee12c25f8e4469304b5e3753e77158b337a6632837663f312114e5825fe98b
-
SSDEEP
6144:jGpV1z8QtGpGGpV1z8Qcy1PSbOqslVC7nJUkhIeMIcC16V:qpVaRpPpVaxy0bOM7np+e31
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
1Safe Mode Boot
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1