General

  • Target

    2024-03-09_96c9ed0aeb6f6c88495922b80105900e_cryptolocker

  • Size

    63KB

  • Sample

    240309-c85vyscg2s

  • MD5

    96c9ed0aeb6f6c88495922b80105900e

  • SHA1

    f935c5f3d77bcae91fe085c3a7860f0ebdbed019

  • SHA256

    9dbf1be43f0500ccb8dca3cc760c3b5cfa0b9d6e85d566c07366d6ba18afe63e

  • SHA512

    05249740f6d034d5c2879328e1686f76531eaaaf7bac20ecf482c5aa7fb5d91b78afbfef8283c29186fcb620cc985fb9960ef311e680616d7bfe6e79b9a7c353

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEM1:6j+1NMOtEvwDpjr8ox8UDE8

Score
10/10

Targets

    • Target

      2024-03-09_96c9ed0aeb6f6c88495922b80105900e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
