General

  • Target

    2024-02-04_195afb62e2cd825af31f5213cc881f27_cryptolocker

  • Size

    40KB

  • Sample

    240204-vyak6sfaf7

  • MD5

    195afb62e2cd825af31f5213cc881f27

  • SHA1

    ddb9928f8779fb0fa98992c4fdfe3f429940b41d

  • SHA256

    706e54e8adff439c9ee1359d77e24f465a4d9d63ad11deac8bf5572805f49a65

  • SHA512

    c3ba9240207081ba423bd8bfc891d34676f1a97cbc5d2a37b4b7be9245cbb0fda59e55b938a857167565bc8bb46f5b54c63fcaf20031d80b5a5c1f81cd609a61

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKaji:6j+1NMOtEvwDpjrobi

Score
10/10

Targets

    • Target

      2024-02-04_195afb62e2cd825af31f5213cc881f27_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
