General

  • Target

    2024-02-28_003bfa6663ccb47b6fc9ec49675f5b95_cryptolocker

  • Size

    40KB

  • Sample

    240228-nhpltsac72

  • MD5

    003bfa6663ccb47b6fc9ec49675f5b95

  • SHA1

    85cbc3048845686eb3892dbff9710656fe22518f

  • SHA256

    d3f04128bef536c4bcf89a0d728e97435fe0305fb854b048fbe825702fd989e0

  • SHA512

    60e56b975c21e2537393a937e305963c73ed2c072e99bdaeeb69c2d7e2740437a229b7466d02d4645590999323641f34384382062b45ccf72d10b9c608fe57e1

  • SSDEEP

    768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvgpnHG:m5nkFNMOtEvwDpjG8hgpHG

Score
10/10

Targets

    • Target

      2024-02-28_003bfa6663ccb47b6fc9ec49675f5b95_cryptolocker

    • Size

      40KB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
