Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-10-12_6cfcfe00292aff1e0cf69e86e18177e3_lockbit
-
Size
37KB
-
Sample
241012-knmgwawhrj
-
MD5
6cfcfe00292aff1e0cf69e86e18177e3
-
SHA1
03cc72c002e0baf8d414094c14a73298188dbb17
-
SHA256
17c2284f0cbf2751ec32ab205a63d1b42b069cb80743a73da207676d7bea370b
-
SHA512
af3852ff4ad24aabdd07a06fd39a8fbc0404e061754978ba47d773011efb320b31764d1691caaa1dc4063c646f576da7ed3c7e1a79a8cc5ab1b225bffd25dccd
-
SSDEEP
768:a0cr3xNg6Aut4bE0nvNS5ZHcWh+UNj07wbLwM6jHBB9D3xfjL2x4xC7g8Qcr6j:9WpAjHIHcO+UNS8GBx3xb6x4l8Qc+j
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-12_6cfcfe00292aff1e0cf69e86e18177e3_lockbit.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2024-10-12_6cfcfe00292aff1e0cf69e86e18177e3_lockbit.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-10-12_6cfcfe00292aff1e0cf69e86e18177e3_lockbit
-
Size
37KB
-
MD5
6cfcfe00292aff1e0cf69e86e18177e3
-
SHA1
03cc72c002e0baf8d414094c14a73298188dbb17
-
SHA256
17c2284f0cbf2751ec32ab205a63d1b42b069cb80743a73da207676d7bea370b
-
SHA512
af3852ff4ad24aabdd07a06fd39a8fbc0404e061754978ba47d773011efb320b31764d1691caaa1dc4063c646f576da7ed3c7e1a79a8cc5ab1b225bffd25dccd
-
SSDEEP
768:a0cr3xNg6Aut4bE0nvNS5ZHcWh+UNj07wbLwM6jHBB9D3xfjL2x4xC7g8Qcr6j:9WpAjHIHcO+UNS8GBx3xb6x4l8Qc+j
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Impair Defenses: Safe Mode Boot
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
1Safe Mode Boot
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1