General

  • Target

    2024-03-28_999e49e3d337a40945561bbd0673a5ad_cryptolocker

  • Size

    31KB

  • Sample

    240328-feyrbsed2v

  • MD5

    999e49e3d337a40945561bbd0673a5ad

  • SHA1

    354b836a1932858c9ed898591c5077fd1b1c0035

  • SHA256

    62d435aed54f22fdfc63ba967ee3d97ff2ab001a5cd84c55a09fd171107b160d

  • SHA512

    981d8bde33cf45a22c144a9458d53e120467a31d4c79d14538177eab60ac792aa010914eb92c30d56b33797cd5bacd72aef717c5d521129989c1345faaf048c6

  • SSDEEP

    768:q0ZziOWwULueOSdE8tOOtEvwDpjeWaJIOc+4tHh:q0zizzOSxMOtEvwDpj/arqB

Score
10/10

Malware Config

Targets

    • Target

      2024-03-28_999e49e3d337a40945561bbd0673a5ad_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
