Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-12_40bbd6e7653f0baaeff3dcd78aa1d0f3_cryptolocker

  • Size

    55KB

  • Sample

    240312-bx6sfaeb63

  • MD5

    40bbd6e7653f0baaeff3dcd78aa1d0f3

  • SHA1

    e05ad365b9cbfc98075513caebfa11013d8282e0

  • SHA256

    dec4157e1d59642cadcd26c326b28e79c6ccd3d20108d4830eca9f94eb9ae890

  • SHA512

    a26544b7ce3d0225c22ceb807cfc64d67842e22863893b95b445abf1fd7937c05f49b6ae83895db9ada3907168cbf70cf8d8de4ad49e75b9fe83e26622c343b2

  • SSDEEP

    768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vaTiSfQaV2L0zN/Pcm+X:X6QFElP6n+gJBMOtEvwDpjBtE1yILOkp

Score
10/10

Malware Config

Targets

    • Target

      2024-03-12_40bbd6e7653f0baaeff3dcd78aa1d0f3_cryptolocker

    • Size

      55KB

    • MD5

      40bbd6e7653f0baaeff3dcd78aa1d0f3

    • SHA1

      e05ad365b9cbfc98075513caebfa11013d8282e0

    • SHA256

      dec4157e1d59642cadcd26c326b28e79c6ccd3d20108d4830eca9f94eb9ae890

    • SHA512

      a26544b7ce3d0225c22ceb807cfc64d67842e22863893b95b445abf1fd7937c05f49b6ae83895db9ada3907168cbf70cf8d8de4ad49e75b9fe83e26622c343b2

    • SSDEEP

      768:X6LsoEEeegiZPvEhHSG+gp/BtOOtEvwDpjBVaD3E09vaTiSfQaV2L0zN/Pcm+X:X6QFElP6n+gJBMOtEvwDpjBtE1yILOkp

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks