General

  • Target

    2024-01-25_c810e8e336fd24aab17d3da71445db41_cryptolocker

  • Size

    67KB

  • Sample

    240125-s9nk3aahhj

  • MD5

    c810e8e336fd24aab17d3da71445db41

  • SHA1

    8511fd6e5e8c84ccadc6c171b3aab600198cbdb3

  • SHA256

    0461694be35b2a3664b31ec31c0e6c0337bc68bf28c45c1b1f1c0a5267675d36

  • SHA512

    70e773ba0689fe5abae54119609a2436dca84c0103fa11f15203c04d9b3584d3543ba585aeaac468c498e16c742d5d61be3adbf619f4f3d52aeb82a74bb632c3

  • SSDEEP

    1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUe:DW60sllyWOtEvwDpjwF85c

Score
10/10

Targets

    • Target

      2024-01-25_c810e8e336fd24aab17d3da71445db41_cryptolocker

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
