General

  • Target

    2024-03-08_bf0408240f8b88bb06b5823040118fb5_cryptolocker

  • Size

    35KB

  • Sample

    240308-1fyg6she2w

  • MD5

    bf0408240f8b88bb06b5823040118fb5

  • SHA1

    af9ceb715e18c0add90daacec8a26db6871fc624

  • SHA256

    b0723e79f6f96fd36810092e660d876afc308123713e2453cc7f921d988be0de

  • SHA512

    1ed4f8614dcb9732a70f456470eea0ede292281fa64e6e0d8f20bab0e6975ed0986af99a3935a7c7480116e2d5bcb29a599861b200bfe387fe59103e0f20d2af

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoW8t:qmbhXDmjr5MOtEvwDpj5cDvt

Score
10/10

Targets

    • Target

      2024-03-08_bf0408240f8b88bb06b5823040118fb5_cryptolocker

    • Size

      35KB

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
