Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-02-23_fe80da3fe6edbfe96c5309a6ea33fa79_cryptolocker

  • Size

    46KB

  • Sample

    240223-nbat4aff84

  • MD5

    fe80da3fe6edbfe96c5309a6ea33fa79

  • SHA1

    f37d36280cdff8430e3e76302da8f00544c927e5

  • SHA256

    835fc146477dca9e2b930b0f8c474c653d0964b46bc0eff1c5b977376c343e77

  • SHA512

    ffebc6baa9d670adf0702836c4696e3bde5749342cab67c715b0e799d8e2d03c8d64e4bc22bbd925f53bb19c3022aab3dfcbbf9d70b7bc359986db05b7203bb1

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MobA:qmbhXDmjr5MOtEvwDpj5cDtKkQZQu

Score
10/10

Malware Config

Targets

    • Target

      2024-02-23_fe80da3fe6edbfe96c5309a6ea33fa79_cryptolocker

    • Size

      46KB

    • MD5

      fe80da3fe6edbfe96c5309a6ea33fa79

    • SHA1

      f37d36280cdff8430e3e76302da8f00544c927e5

    • SHA256

      835fc146477dca9e2b930b0f8c474c653d0964b46bc0eff1c5b977376c343e77

    • SHA512

      ffebc6baa9d670adf0702836c4696e3bde5749342cab67c715b0e799d8e2d03c8d64e4bc22bbd925f53bb19c3022aab3dfcbbf9d70b7bc359986db05b7203bb1

    • SSDEEP

      768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2MobA:qmbhXDmjr5MOtEvwDpj5cDtKkQZQu

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks