General

  • Target

    2024-01-26_e9b45da180e0af7cc8624faa62c27c92_cryptolocker

  • Size

    47KB

  • Sample

    240126-d8cpvaefbm

  • MD5

    e9b45da180e0af7cc8624faa62c27c92

  • SHA1

    51f643010fe430baccb3305189046feaaf30a8f7

  • SHA256

    f59e317bf02593ae4ba5933bb8a2ade13dbb712452827986e3b081cc64547130

  • SHA512

    0b418c2747df492df5530e805e1d14cbc093cc5f0b4f692f14256788c2ab5d6978a12f33b7fa6b307859d5d01401c7ab71d35497bc160a22b3a4c51f0f174d7e

  • SSDEEP

    384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/3lQIqq:XS5nQJ24LR1bytOOtEvwDpjNbP/3lA0

Score
10/10

Targets

    • Target

      2024-01-26_e9b45da180e0af7cc8624faa62c27c92_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
