Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-14_61f3d6546ea0fb154ab5cc9da945c7ed_cryptolocker

  • Size

    41KB

  • Sample

    240314-kja82sfa9w

  • MD5

    61f3d6546ea0fb154ab5cc9da945c7ed

  • SHA1

    376460e977a712b675573b4006bc0fdcb15740cb

  • SHA256

    7ee88337c85d2332da3fe1b1aaab8f2593cfb3d08afddef49a4e483895f38618

  • SHA512

    86cae49ab161a26df6cd636f16a5af6e0721401967a788979015f90fcdca7fcf1817666c343c7bf4021efc6c911b522720d9359e10cad158ec7c5d85218da543

  • SSDEEP

    768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9Do:b/pYayGig5HjS3NPA9Do

Score
10/10

Malware Config

Targets

    • Target

      2024-03-14_61f3d6546ea0fb154ab5cc9da945c7ed_cryptolocker

    • Size

      41KB

    • MD5

      61f3d6546ea0fb154ab5cc9da945c7ed

    • SHA1

      376460e977a712b675573b4006bc0fdcb15740cb

    • SHA256

      7ee88337c85d2332da3fe1b1aaab8f2593cfb3d08afddef49a4e483895f38618

    • SHA512

      86cae49ab161a26df6cd636f16a5af6e0721401967a788979015f90fcdca7fcf1817666c343c7bf4021efc6c911b522720d9359e10cad158ec7c5d85218da543

    • SSDEEP

      768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PA9Do:b/pYayGig5HjS3NPA9Do

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

MITRE ATT&CK Enterprise v15

Tasks