General

  • Target

    2024-03-13_b3c71fe4784494d0c52bf5a5d3ffb6f4_cryptolocker

  • Size

    104KB

  • Sample

    240313-b9x13abc26

  • MD5

    b3c71fe4784494d0c52bf5a5d3ffb6f4

  • SHA1

    51a9c427eb277856a896b7baf866e1df7e26814b

  • SHA256

    4ec9e919597ae3de952e3a3c30ff52f076fd16333db63c419ba68eee1be74753

  • SHA512

    289acaf15e42ba3bb93245c3f325ec3ac5fa8cf1f335e1992794a6d374d3d15931142bef12d49a184e89cb692bc535ec48fd58c34c1e3bcb020489a608d0d792

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgpQbCJhA:V6a+pOtEvwDpjtzx

Score
10/10

Targets

    • Target

      2024-03-13_b3c71fe4784494d0c52bf5a5d3ffb6f4_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
