General

  • Target

    2024-03-18_0c6bd53dd3bffbb0294ab15bb07cbb61_cryptolocker

  • Size

    92KB

  • Sample

    240318-z85xaaad25

  • MD5

    0c6bd53dd3bffbb0294ab15bb07cbb61

  • SHA1

    f1afbf28f9e767d00f454f1ec3fc5dfac2ed82cf

  • SHA256

    e7acaaee10b41d4bfd135d5f0842f9cd29a9b0805d303b902df1d36be0e507ff

  • SHA512

    26d51d365d05250c27eecf425555c2b6e66bf435e522470034a32548081eaff8db2ccd6a8a759b6e1d8f4394330f30f89a2c739aef4690053201567405aad3fb

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwMg1:V6a+pOtEvwDpjtz5

Score
10/10

Targets

    • Target

      2024-03-18_0c6bd53dd3bffbb0294ab15bb07cbb61_cryptolocker

    • Size

      92KB

    • MD5

      0c6bd53dd3bffbb0294ab15bb07cbb61

    • SHA1

      f1afbf28f9e767d00f454f1ec3fc5dfac2ed82cf

    • SHA256

      e7acaaee10b41d4bfd135d5f0842f9cd29a9b0805d303b902df1d36be0e507ff

    • SHA512

      26d51d365d05250c27eecf425555c2b6e66bf435e522470034a32548081eaff8db2ccd6a8a759b6e1d8f4394330f30f89a2c739aef4690053201567405aad3fb

    • SSDEEP

      1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwMg1:V6a+pOtEvwDpjtz5

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
