General

  • Target

    2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker

  • Size

    39KB

  • Sample

    240221-d13ajaaf4y

  • MD5

    db01fa163a477b7a6af4b05eb5249ffc

  • SHA1

    3d3bf36d35b0fe72bb446fded53800688acfa509

  • SHA256

    c6d21ca698324630d60737598ec2838b7fb8aa5fdcb3623224577cd9fbdf2729

  • SHA512

    782874ca39676d901067acfb37ec6a60858a57faedf3af3b8b0ece485fb7c09a27c60167b4e255f1d5b534ba69b3e233a3a1434304527dc919e162f8aa3d30f1

  • SSDEEP

    768:bAvJCYOOvbRPDEgXrNekd7l94i3py/yLFka:bAvJCF+RQgJeab4sy/a3

Score
10/10

Targets

    • Target

      2024-02-21_db01fa163a477b7a6af4b05eb5249ffc_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
