General

  • Target

    2024-02-22_4fca0af95db245fca11fd921d3086cda_cryptolocker

  • Size

    49KB

  • Sample

    240222-szjjcscc26

  • MD5

    4fca0af95db245fca11fd921d3086cda

  • SHA1

    2023893550c90f49e7cc7de58883fd8a4708ba01

  • SHA256

    a46176397842241861983142e6bc7766a2c413cbbdf9155bfb102d55494e8421

  • SHA512

    e5a3c19855e0456f6de6310cbdc1c88dc5035cd5bbaf67ba834749814d4e57c85bc58fb3dd29d684455184746bc60ac09fe59a29736f8b516dab8a55cf3b2683

  • SSDEEP

    768:79inqyNR/QtOOtEvwDpjBK/rJ+Nw8qnTHYcF:79mqyNhQMOtEvwDpjBxe8GrF

Score
10/10

Targets

    • Target

      2024-02-22_4fca0af95db245fca11fd921d3086cda_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
