General

  • Target

    2024-02-28_fd760cb3834dd75ba4833357b3be9624_cryptolocker

  • Size

    4.5MB

  • Sample

    240228-yqefyacf29

  • MD5

    fd760cb3834dd75ba4833357b3be9624

  • SHA1

    f7dc45e22a083219a1d1c32808cd8a028b0a819d

  • SHA256

    5f3ca0d00c8ebeb870549e2b321ac9bd9cc68acf8a569276b2c25fda459e8f28

  • SHA512

    e99116b8423baec72235238f0f5700e442b59f568e0ce65e188a08502c8fcaa891e72151515bdd23e18646ee88dde916277493af80811b7cf7af14edebc71259

  • SSDEEP

    98304:g/ZFIjBzldUfs/ZFIjBz7jSZD1tU7ymTU:g/ZFIjBzF/ZFIjBzPEUusU

Score
10/10

Targets

    • Target

      2024-02-28_fd760cb3834dd75ba4833357b3be9624_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
