General

  • Target

    2024-03-14_034622ef529ee38f1f6f7d1c21417689_cryptolocker

  • Size

    49KB

  • Sample

    240314-stk51afe8x

  • MD5

    034622ef529ee38f1f6f7d1c21417689

  • SHA1

    29897c0bff2981f2b3bf437d77f4f28536cc5a07

  • SHA256

    3e10ec094f24f5d741182d60158b918d796ce807ac060773631e9c552a81285c

  • SHA512

    7afa2173fcd56370641d47a1991938bc55eb898828155446bd96d8e9fef10d25ec1a6048dc34e297bf32264d485b89ad8ed426e9fe87e3b37477478994cc5820

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05WTB52zl:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ6uj1

Score
10/10

Targets

    • Target

      2024-03-14_034622ef529ee38f1f6f7d1c21417689_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
