General

  • Target

    2024-01-24_c296c29fb7c63f1b9c13ade1aa6087fe_cryptolocker

  • Size

    32KB

  • Sample

    240124-qrw4dabdgl

  • MD5

    c296c29fb7c63f1b9c13ade1aa6087fe

  • SHA1

    ce6132dd4b5bcf91a1f36d046e50732e9e4eb741

  • SHA256

    4ff44ccfddc7c9d2fb8cfc52becd3cf1377f859ebb9fd868dcafffdfd2e0dc1e

  • SHA512

    c35cc4e72e1a63fbeb7a45635cfad3a912d41e5ddbd018ff28126181bc35b00931dd204d6193c9679d20d5ad9eb43ecbad2de0e3bf62a83a03387a40bb858f2f

  • SSDEEP

    384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6ckJp0qAMub5X:bAvJCYOOvbRPDEgXRc+BA/b5

Score
10/10

Targets

    • Target

      2024-01-24_c296c29fb7c63f1b9c13ade1aa6087fe_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
