General

  • Target

    2024-02-04_6fc4a5a6a57875a6842dfac6afbbba64_cryptolocker

  • Size

    39KB

  • Sample

    240204-kdedhsffgj

  • MD5

    6fc4a5a6a57875a6842dfac6afbbba64

  • SHA1

    319bde82debaa765ff273cb09fa33a2ea9044144

  • SHA256

    194e170fe88c064749614520eafe125e3b42da7582e2a6a9290eaeb54240d670

  • SHA512

    ce1de797a8c4b77375bff99c8bc31a6d52c3b77ebcec4d425ef6c498bba8caba7203d655eadc9202b79ce06e088e017f0d81d31b104ae0d4798e382555e38deb

  • SSDEEP

    768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRY/x:m5nkFNMOtEvwDpjG8hhXy/x

Score
10/10

Targets

    • Target

      2024-02-04_6fc4a5a6a57875a6842dfac6afbbba64_cryptolocker

    • Size

      39KB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
