General

  • Target

    2024-03-15_32dbb436a5a2c1406ae580f383d9d763_cryptolocker

  • Size

    32KB

  • Sample

    240315-g6r9ashh8x

  • MD5

    32dbb436a5a2c1406ae580f383d9d763

  • SHA1

    d8b3f233bfca6562caf4adf48f24e007932630b8

  • SHA256

    96c5fc81ecad2bc2cb55dc65a5034a9341df4abd53e57f44cb6f694ae0bfee09

  • SHA512

    75ad04dd3dcbcb6ee7fec2ca3694d0b4281fb5195d323e9e17d0c5eefc8ad4b653d739bdb2057af6dd18676271982b254d9702d62ee08cbede7477752f1fb6c8

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHbjN:q0zizzOSxMOtEvwDpj/arql

Score
10/10

Targets

    • Target

      2024-03-15_32dbb436a5a2c1406ae580f383d9d763_cryptolocker

    • Size

      32KB

    • MD5

      32dbb436a5a2c1406ae580f383d9d763

    • SHA1

      d8b3f233bfca6562caf4adf48f24e007932630b8

    • SHA256

      96c5fc81ecad2bc2cb55dc65a5034a9341df4abd53e57f44cb6f694ae0bfee09

    • SHA512

      75ad04dd3dcbcb6ee7fec2ca3694d0b4281fb5195d323e9e17d0c5eefc8ad4b653d739bdb2057af6dd18676271982b254d9702d62ee08cbede7477752f1fb6c8

    • SSDEEP

      768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHbjN:q0zizzOSxMOtEvwDpj/arql

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
