General

  • Target

    2024-02-14_0ffc9e071b6f61cf8a6571f8b61459b7_cryptolocker

  • Size

    40KB

  • Sample

    240214-pxn5aaaf2t

  • MD5

    0ffc9e071b6f61cf8a6571f8b61459b7

  • SHA1

    26428c6f542a93af5d3238fea33775b0f200d9b0

  • SHA256

    c9be42ac696b454d042458a92c90e666ad78ef98c21f726de5aa3ea58b64a274

  • SHA512

    62a82afea3af393c26e2e48702d75da2e2d61159a94d285d04847d0a020bfb2359a4c2237e38ec3eed043dbcceb5b8d3b5f101b8dd05cbdac78d500c05a5e64d

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAsX:b/pYayGig5HjS3NPAsX

Score
10/10

Targets

    • Target

      2024-02-14_0ffc9e071b6f61cf8a6571f8b61459b7_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
