General

  • Target

    2024-03-29_ed219b68d56dacb2843e764a325df41e_cryptolocker

  • Size

    49KB

  • Sample

    240329-erw8lahd91

  • MD5

    ed219b68d56dacb2843e764a325df41e

  • SHA1

    4f68a08af30e01cb436af38eb6943acb29f442a9

  • SHA256

    2aaa093378f6a2df9099c9d0820c7d132b1bfbbe7eead78cd765365ba9b12659

  • SHA512

    ec20a1f995b4aa7151a023345e660497cd129391c012e9060d5a192508bb3231964eec2e442104a4ebc23d09491f80473d54f1d3a86ae1d9dc1db3910b975435

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPhqlcnvhx5/xFRkHf:6j+1NMOtEvwDpjr8hhXi/

Score
10/10

Targets

    • Target

      2024-03-29_ed219b68d56dacb2843e764a325df41e_cryptolocker

    • Size

      49KB

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
