General

  • Target

    2024-02-11_f9e31738289363b5571918e60dbf3c0d_cryptolocker

  • Size

    48KB

  • Sample

    240211-nzl72afh21

  • MD5

    f9e31738289363b5571918e60dbf3c0d

  • SHA1

    1270a27dc4880874ae9b10922f344e80f8ccedd0

  • SHA256

    65580d8206e38ecf6288067d5d00e743a5cf6acd64e0a841cec84430e4c3711c

  • SHA512

    32a5b5eeb96d29527a7849bbdc7a1eea32eec5dcfdbb381b0083e160c3e67d6894434e7de725eeeaf99cc61792c246bc4dfca5938e89144fb33fd89444700991

  • SSDEEP

    384:icX+ni9VCr5nQI021q4VQBqURYp055TOtOOtEvwDpjqIGR/hHi7/OlI0G/74zpzv:XS5nQJ24LR1bytOOtEvwDpjNbP/0Geht

Score
10/10

Targets

    • Target

      2024-02-11_f9e31738289363b5571918e60dbf3c0d_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
