General

  • Target

    2024-03-29_bfb12bc505ca7736641758ac7b36758b_cryptolocker

  • Size

    64KB

  • Sample

    240329-wjgavaeb9x

  • MD5

    bfb12bc505ca7736641758ac7b36758b

  • SHA1

    40386403a0552097580e60ceb22506c92d24d65e

  • SHA256

    12dd746c4fb22315953508e7e85a0702c088607682e8da266f41379dc7d46e71

  • SHA512

    72e8dc462484cc7579a573148c0eeb837fae61d89883ed5bb796b0d51c429e5cdd3c579db04aea3984194e7bfbb286a82cd3e09375723ad5fa9b29509b511df3

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEMpf:6j+1NMOtEvwDpjr8ox8UDEI

Score
10/10

Targets

    • Target

      2024-03-29_bfb12bc505ca7736641758ac7b36758b_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
