General

  • Target

    2024-03-18_9167592e4f289bdce8c6abb44470ffaa_cryptolocker

  • Size

    63KB

  • Sample

    240318-2h56gabg7z

  • MD5

    9167592e4f289bdce8c6abb44470ffaa

  • SHA1

    fdbbb20de8faf8c4a55b8bcd749e8982fe882455

  • SHA256

    60c469826576526a16cda90253a4dbf3cca1fff5e8aa8bf8e972a71438b85155

  • SHA512

    76601177402395c8902bff9a42d8dbda06b75d97595a7563a96d7aedfb015f9a61b747e84539324e4664a2092db27246b9e74466e23b9fecfc444b6c70ab0d77

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjyaLccVCbmhkA:V6a+pOtEvwDpjvR

Score
10/10

Targets

    • Target

      2024-03-18_9167592e4f289bdce8c6abb44470ffaa_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
