General

  • Target

    2024-02-04_ef8dcedf8c1c3c8a8bcbf006bf9d49d6_cryptolocker

  • Size

    56KB

  • Sample

    240204-s3qrvadcc6

  • MD5

    ef8dcedf8c1c3c8a8bcbf006bf9d49d6

  • SHA1

    1aaaca642343a965c4d8625455ec1885c0c15818

  • SHA256

    5aa0e1a665bd7fc0313363fe0879de6be733b88b41432a95673cbd0f9f79e550

  • SHA512

    66202676cfac7d1e4f8ad57077d7bb0563921f25b63accfb1870dcca4ca1add0656a1c973f94868affb033aaf77a865a3872c3c1266adb0f66e9ed2834996a28

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7Goi20Pb3:xj+VGMOtEvwDpjubEgV20D3

Score
10/10

Targets

    • Target

      2024-02-04_ef8dcedf8c1c3c8a8bcbf006bf9d49d6_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
