General

  • Target

    2024-03-12_b0138e1da5fdb3af970fa9848a2a913c_cryptolocker

  • Size

    128KB

  • Sample

    240312-py4w5abb46

  • MD5

    b0138e1da5fdb3af970fa9848a2a913c

  • SHA1

    849b5e65e59932c6efcfcc76ba5d71a35bd47235

  • SHA256

    491187444a1dbfec709afb612008e72e3027f5d6f9eaecbcef012db8d33b5a51

  • SHA512

    2cbe578a1992bcfbedea90bb92908a4dd9daaa566f47a1f9034c35405cfec2056c88af1a30d4511c390d767909c64f70ba6d1f54293a136d9af40c468acccdf1

  • SSDEEP

    1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVbvh//6:vCjsIOtEvwDpj5H9YvQd2RA

Score
10/10

Targets

    • Target

      2024-03-12_b0138e1da5fdb3af970fa9848a2a913c_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
