General

  • Target

    2024-03-08_d67ebbdc6bc495aad3f24e28178db240_cryptolocker

  • Size

    68KB

  • Sample

    240308-g3a6lshc27

  • MD5

    d67ebbdc6bc495aad3f24e28178db240

  • SHA1

    a43a9cbaf41a306846a8126d31957eb50631503b

  • SHA256

    5e6aea223c6741a86a42dd3126bf133a79afb33701790559afa0283c47375759

  • SHA512

    656b377f25c25334283e157ec4d9c2ef370a77bacad5ce15865266aeb82aba6ce1506e5702005f8225f0b327916b4cd0828d8c678bf9ea9f05be7df21be490d6

  • SSDEEP

    1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKUri:DW60sllyWOtEvwDpjwF85k

Score
10/10

Targets

    • Target

      2024-03-08_d67ebbdc6bc495aad3f24e28178db240_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
