General

  • Target

    2024-02-20_adb4a61a4a998162771fc571011e7524_cryptolocker

  • Size

    62KB

  • Sample

    240220-gsf9wadb43

  • MD5

    adb4a61a4a998162771fc571011e7524

  • SHA1

    331e31c658049891a5163092730527a75cff3ecc

  • SHA256

    46c5c017b302ae8e88dc99cec480605c03269d5fa8a544302989ace41172d5e1

  • SHA512

    b1e0f314ac863cf6afb7ff4d36f94179f53e1eee88708f8acab25329e1ea0b37174f6367eeb3a985dcde20140eefaff21bf68adfb2e8a1caa743091c9d554f45

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEKIv:6j+1NMOtEvwDpjr8ox8UDEK4

Score
10/10

Targets

    • Target

      2024-02-20_adb4a61a4a998162771fc571011e7524_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
