General

  • Target

    2024-02-21_65d88a380e80164c46a7bf223471630a_cryptolocker

  • Size

    47KB

  • Sample

    240221-ydvx6aeg72

  • MD5

    65d88a380e80164c46a7bf223471630a

  • SHA1

    1b0f47d458a847b64296883c6e62f8f249fc1a25

  • SHA256

    cdea96c50652da3975b7518a7062b4a682efc311f4026ac43064256652217148

  • SHA512

    4086839adfa6e1a7b965c4f5385a94ba0a6a346f461f2265b613a4223ab9407645599cadb19e822e1d6a0d82ad29095dbd7d23521727d81a08e613356d96742b

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWE6BLtldJQBY:xj+VGMOtEvwDpjk/JQK

Score
10/10

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
