General

  • Target

    2024-03-10_48b043f5e822bec06cac1f7e94d10fb6_cryptolocker

  • Size

    40KB

  • Sample

    240310-b6v3ashd9x

  • MD5

    48b043f5e822bec06cac1f7e94d10fb6

  • SHA1

    c2afe62bb81b6cf97811ddb26660f4faaee5d6b3

  • SHA256

    e0f2f3ff66adea72666265115f26d1b40b4d12ebf2d89220fcf2ee91d617ba2a

  • SHA512

    f92039e733525df3b80fb98cb99548c9247ca4cca05188d9a6bf616f2f547beee27a55b722e198ce4e1b1afe59597dc3263ac105fc0ddf9df0b1d6b495240b94

  • SSDEEP

    768:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnvhx5/xFRnw:m5nkFNMOtEvwDpjG8hhXO

Score
10/10

Targets

    • Target

      2024-03-10_48b043f5e822bec06cac1f7e94d10fb6_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
