General

  • Target

    2024-02-19_c5db8b49a28cfda9d8c86c54104e1e89_cryptolocker

  • Size

    46KB

  • Sample

    240219-ksww4sbh29

  • MD5

    c5db8b49a28cfda9d8c86c54104e1e89

  • SHA1

    01814312a96ffe0e53b191ab4f922ad1e0842e1f

  • SHA256

    5a96a8532e438520585af48a3556508d8749deb013edcc8e619f6d2b0811b3f2

  • SHA512

    3fac67df0e6a93989bdb5777e128cac4504973c7e8e6c61dd5dc527dc026bc2721b83d319762a532d6a993fceef87eb6374f870db7230a2cad8b59d9108e6022

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MoN:qmbhXDmjr5MOtEvwDpj5cDtKkQZQT

Score
10/10

Targets

    • Target

      2024-02-19_c5db8b49a28cfda9d8c86c54104e1e89_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
