Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-01-25_688c63508a1a98d7ad4b131251613ff4_cryptolocker

  • Size

    38KB

  • Sample

    240125-bwacvadca7

  • MD5

    688c63508a1a98d7ad4b131251613ff4

  • SHA1

    f02ff2facb3f86254d29c5d9522f0a52d661cb68

  • SHA256

    d9dbdde376caa5535945321a0b0a1dc9af082166b0165422a58c1564a4458f9f

  • SHA512

    39d37d3f425c3a7c1744d02de5fdda53f611e1c654afe5acb73b2884e84e213ba238c49c9c80fda021883ae3330a7c395df8a7162d13b294dbfb20f0eaf9ebfb

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLtldJQB2:i5nkFGMOtEvwDpjn/JQ8

Score
10/10

Malware Config

Targets

    • Target

      2024-01-25_688c63508a1a98d7ad4b131251613ff4_cryptolocker

    • Size

      38KB

    • MD5

      688c63508a1a98d7ad4b131251613ff4

    • SHA1

      f02ff2facb3f86254d29c5d9522f0a52d661cb68

    • SHA256

      d9dbdde376caa5535945321a0b0a1dc9af082166b0165422a58c1564a4458f9f

    • SHA512

      39d37d3f425c3a7c1744d02de5fdda53f611e1c654afe5acb73b2884e84e213ba238c49c9c80fda021883ae3330a7c395df8a7162d13b294dbfb20f0eaf9ebfb

    • SSDEEP

      768:XS5nQJ24LR1bytOOtEvwDpj66BLtldJQB2:i5nkFGMOtEvwDpjn/JQ8

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks