General

  • Target

    2024-01-24_f85e6265972e576a2b3ecae32f80e926_cryptolocker

  • Size

    33KB

  • Sample

    240124-bbrfmaeea7

  • MD5

    f85e6265972e576a2b3ecae32f80e926

  • SHA1

    954d83977a2a048bed1ff5b2a7e5bfdd0dc94db2

  • SHA256

    e54c58a42bd491658cf9e384629065560208f8d26bc08012e94059dbf0f7d115

  • SHA512

    c54e6a2736e4f546390537f42d03321f89792251ce26074eb0ff78ed360e2d4e1dc23fe7afc8c7c352e2b3aab25d41166de1e188fe5d7f8d1efd12114a16af5e

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZxZ:b/yC4GyNM01GuQMNXw2PSj1PPZ

Score
10/10

Targets

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
