General

  • Target

    2024-02-04_dbc34bc5ec493f1f677497fa259cc0ab_cryptolocker

  • Size

    50KB

  • Sample

    240204-v5wrzsfch7

  • MD5

    dbc34bc5ec493f1f677497fa259cc0ab

  • SHA1

    37ba37650a2a75be1ee98ceac9795baca84d9e88

  • SHA256

    954af40b8d0417c374d845f881080e76d2c8dd5204ff646ffef7c88bbc92163f

  • SHA512

    df442691cb305276c0982254793a03a99ad8a367e3ef15068dfb690d1378632671d658bda611c5f9ca615e873ec12d932f0939d47643a6fe57f1cc2cb59be5ce

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MzF3FP:i5nkFGMOtEvwDpjNbwQEqV

Score
10/10

Targets

    • Target

      2024-02-04_dbc34bc5ec493f1f677497fa259cc0ab_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
