General

  • Target

    2024-03-19_8be055ef89f5cd57ca12e27d7d47508d_cryptolocker

  • Size

    63KB

  • Sample

    240319-ls6lzsgf96

  • MD5

    8be055ef89f5cd57ca12e27d7d47508d

  • SHA1

    2a0670c8554856adeab184101e393e0165693bfa

  • SHA256

    dfc44d5643185c2aa5a2fd4b6ffc20bda3310a77f4e3c7709e24258fc4afe499

  • SHA512

    cbd8cff228c2b3164cf8ec347f77b297d720902540d8fb03d026843e472f2b83fc54cfd80cdb34984671137ae29b5504ca127f0e3190a60d41c80d01ca9d60be

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEKIR8:6j+1NMOtEvwDpjr8ox8UDEKK8

Score
10/10

Targets

    • Target

      2024-03-19_8be055ef89f5cd57ca12e27d7d47508d_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
