General

  • Target

    2024-03-25_868785cb93141ffc6864556e987f8bda_cryptolocker

  • Size

    387KB

  • Sample

    240325-ylp2wabc8s

  • MD5

    868785cb93141ffc6864556e987f8bda

  • SHA1

    0325c200f759d6888c41ecde160ac056c838fb44

  • SHA256

    317cf25f20bcc01948ea8c7213d27944445e9400d0183f8ad192ac0ece7e8aee

  • SHA512

    6c2a3454bff1de5d0d3154f7bd5e8ee9b06403c8a294e951ee1e1cddb7874f4ba9c77a7643dd404a40e7de56f94cac6de3bcaf097713a9965b8724a60240aa07

  • SSDEEP

    6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzXM:nnOflT/ZFIjBz3xjTxynGUOUhXM

Score
10/10

Malware Config

Targets

    • Target

      2024-03-25_868785cb93141ffc6864556e987f8bda_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
