Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-10_0d3f2a1063f19b837cba305eb018f850_cryptolocker

  • Size

    37KB

  • Sample

    240310-f6knsade9v

  • MD5

    0d3f2a1063f19b837cba305eb018f850

  • SHA1

    520559f0be8ee7db5824e028b61d115d4516e713

  • SHA256

    75d5dc5a8cc4c66849ff04472410dbba46ec2d214f46f6534fea09080a73a2f7

  • SHA512

    890cb1b835a4238b697ce51cbfe444b39a28601dd2174259cb4564352fbfe0a4d1926676a2e47786ab3497010cd562b3198fcd3cf153eb5d4345c4a544f3407c

  • SSDEEP

    384:+cX+ni9VCr5nQI021q4VQBqURYpetOOtEvwDpjqIGRxzOP51FqQLicn3f3VhBlX1:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnv/1

Score
10/10

Malware Config

Targets

    • Target

      2024-03-10_0d3f2a1063f19b837cba305eb018f850_cryptolocker

    • Size

      37KB

    • MD5

      0d3f2a1063f19b837cba305eb018f850

    • SHA1

      520559f0be8ee7db5824e028b61d115d4516e713

    • SHA256

      75d5dc5a8cc4c66849ff04472410dbba46ec2d214f46f6534fea09080a73a2f7

    • SHA512

      890cb1b835a4238b697ce51cbfe444b39a28601dd2174259cb4564352fbfe0a4d1926676a2e47786ab3497010cd562b3198fcd3cf153eb5d4345c4a544f3407c

    • SSDEEP

      384:+cX+ni9VCr5nQI021q4VQBqURYpetOOtEvwDpjqIGRxzOP51FqQLicn3f3VhBlX1:TS5nQJ24LR7tOOtEvwDpjGqPhqlcnv/1

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks