General

  • Target

    2024-02-23_e4d1823a908f017203874f5006a48ab0_cryptolocker

  • Size

    4.5MB

  • Sample

    240223-yk7kjagh5s

  • MD5

    e4d1823a908f017203874f5006a48ab0

  • SHA1

    0f0dda8abfa3856f1149478c190f8eb3022caee0

  • SHA256

    6b8d9d0413daf9886be8f020c0f4887602213d96da9957e280d25d29c641a5a1

  • SHA512

    fac03013afd3db9460777c64cf3fece1fbae6e2a21e522a50c74479b5cfe0e67eb31dd83a678645082b6070879e5f8ea7b205ef4d1d1dc2124a0fccd00046901

  • SSDEEP

    98304:g/ZFIjBzldUfs/ZFIjBz7jSZD1tU7ymT5:g/ZFIjBzF/ZFIjBzPEUus5

Score
10/10

Targets

    • Target

      2024-02-23_e4d1823a908f017203874f5006a48ab0_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
