General

  • Target

    2024-03-12_728f3f12832e0e36ff8480b860fe9ec4_cryptolocker

  • Size

    86KB

  • Sample

    240312-s2167aef74

  • MD5

    728f3f12832e0e36ff8480b860fe9ec4

  • SHA1

    5af3a490d5e8abfc96a1555900dd93c6bfbcb0f4

  • SHA256

    474de1de002f6ff2b3ec73aacb6341122c66a5b1e358ac942baf0878180d98ae

  • SHA512

    73d686c37f5a24b77a7397cb98508f18a38116e3a84f5d15f94ec210ebab45090b297083a0f7580bf245d2d61dbe69cbaa904eba12d764b5a2912fdb3dc9bf52

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MpxRXrZSUfFKazNclMjNUvzkxraO:i5nkFGMOtEvwDpjNbwQEI8UtzNcO8zQ

Score
10/10

Targets

    • Target

      2024-03-12_728f3f12832e0e36ff8480b860fe9ec4_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
