General

  • Target

    2024-03-11_f5989027376ebd0fa30436c1c7813014_cryptolocker

  • Size

    35KB

  • Sample

    240311-hkstdaef8z

  • MD5

    f5989027376ebd0fa30436c1c7813014

  • SHA1

    51f61ce099532539480009887dea1c5129d94efe

  • SHA256

    e9fbe1ee7b802852d2c9ab5e5c3c21c2b5ddad13cd0b8a50f2f0ec06ff016fd9

  • SHA512

    78af28edfec2c3535857d794a0e63d82db3102d62cefc87a28058fa61803fd6b0d7c4f9944b4ce5d3b2cb38177a698df26a86735944d3e330224a4486521c213

  • SSDEEP

    384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUqMV6U8zKvGaLi3n:bA74zYcgT/Ekd0ryfj86U8zbbn

Score
10/10

Targets

    • Target

      2024-03-11_f5989027376ebd0fa30436c1c7813014_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
