General

  • Target

    2024-03-13_764ab904f255437dabe01483f3f19a8f_cryptolocker

  • Size

    32KB

  • Sample

    240313-gfjjgaea81

  • MD5

    764ab904f255437dabe01483f3f19a8f

  • SHA1

    2c504a630343588555c17ce6c25785d4d0d19145

  • SHA256

    6712a9b7478e868be0dee4d8cb166694db0213885d2804b170da14cfe3ca4910

  • SHA512

    fd803204e390b8def54a33f1cf7325a840cea394c39fddc936e001144334fc3e75920ea9da965cc12799fc9365fe9a358356c768a5e0846c9ebf4d6e7b0d6765

  • SSDEEP

    384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSznUsso+:b/yC4GyNM01GuQMNXw2PSjWo+

Score
10/10

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
