General

  • Target

    2024-02-02_98d3ac90bf564b00b6207c857c6725a9_cryptolocker

  • Size

    39KB

  • Sample

    240202-ybl78sgacr

  • MD5

    98d3ac90bf564b00b6207c857c6725a9

  • SHA1

    f076509012b3b3aec8bfa79abd5f5cdc2f0eddb2

  • SHA256

    ecfc4a6ffb3b5185f90c2db808680e343bd932eeeac5d4f91d7df6bbdf08ecad

  • SHA512

    2cda726fc5a8a1a0e5efc613e9b0509adf85de5b540f45e0eca749c21c074d88340046774b0fecaf81526eed2a71684f708bacdb8398f002c5a63d140f209523

  • SSDEEP

    768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFR8L:m5nkFNMOtEvwDpjG8hhXO

Score
10/10

Targets

    • Target

      2024-02-02_98d3ac90bf564b00b6207c857c6725a9_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
