General

  • Target

    2024-02-23_43c7da0ef74fbb172da10a20d680a6a7_cryptolocker

  • Size

    49KB

  • Sample

    240223-mqal7sfd42

  • MD5

    43c7da0ef74fbb172da10a20d680a6a7

  • SHA1

    171aba3160296275c400a1be8a72be9277b3ca1a

  • SHA256

    173c5b788b151faca47fdd38ac932d588d016e5748547e71bb395dda0a9608e5

  • SHA512

    aa20cdbb285cb933206f8d5026e0ad37a5af39280349341e27cbb1e7180e66c21e775476f3067459146c3b0742b6bbeb20fa635d7648ae263923d566070bcc97

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQPdUvQ:BbdDmjr+OtEvwDpjMXx

Score
10/10

Targets

    • Target

      2024-02-23_43c7da0ef74fbb172da10a20d680a6a7_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
