Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-06_2690644a0992ffcaa023d986c4f9b9cb_cryptolocker

  • Size

    39KB

  • Sample

    240306-gak54sca8y

  • MD5

    2690644a0992ffcaa023d986c4f9b9cb

  • SHA1

    01af7e3a811998fb32a51f828ab300932b70824e

  • SHA256

    5f43c9e78bc23a8216ffd50d6a1c5bf18f7efbd67f7df36beef4e2248ceb4745

  • SHA512

    d9215725b13dbea8fb7671667373f4780120222e8915449522542e8106342f94ac0a45ff0e6173f03534bcc6f5e1e353bf7c36eed9691ffc3177ac3551e57c34

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKaQt:6j+1NMOtEvwDpjroA

Score
10/10

Malware Config

Targets

    • Target

      2024-03-06_2690644a0992ffcaa023d986c4f9b9cb_cryptolocker

    • Size

      39KB

    • MD5

      2690644a0992ffcaa023d986c4f9b9cb

    • SHA1

      01af7e3a811998fb32a51f828ab300932b70824e

    • SHA256

      5f43c9e78bc23a8216ffd50d6a1c5bf18f7efbd67f7df36beef4e2248ceb4745

    • SHA512

      d9215725b13dbea8fb7671667373f4780120222e8915449522542e8106342f94ac0a45ff0e6173f03534bcc6f5e1e353bf7c36eed9691ffc3177ac3551e57c34

    • SSDEEP

      768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKaQt:6j+1NMOtEvwDpjroA

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks