General

  • Target

    2024-03-09_1a17c0f57d5ecfecca54fdfefcf5ec88_cryptolocker

  • Size

    132KB

  • Sample

    240309-pl1nyaff26

  • MD5

    1a17c0f57d5ecfecca54fdfefcf5ec88

  • SHA1

    e17a09eda8ed5340453095b160aff8ce2382087e

  • SHA256

    bf8326b49357545da10ee6672f074557c67718ec178126692c3ec5371e1e31c6

  • SHA512

    fbf3514d906c91d77d14197e5ef0e0e83091d818f5e60df70e99cc87f8393952f082cc0acfaad9c41859ad853fd8445589bff0ef553c0ff30f32fde1649813b7

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQblX:V6a+pOtEvwDpjt22x

Score
10/10

Targets

    • Target

      2024-03-09_1a17c0f57d5ecfecca54fdfefcf5ec88_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL