General

  • Target

    2024-04-05_4673e2e17f61aca171b381467f34830a_cryptolocker

  • Size

    42KB

  • Sample

    240405-nwr9wabe32

  • MD5

    4673e2e17f61aca171b381467f34830a

  • SHA1

    1980e57bbefdd9776d15d36ad35068db75aa7f63

  • SHA256

    d0fd9d8d57cc3c779a74576bbad0eb74a04a4c6c6c783536bad7105071ad9ca8

  • SHA512

    783e94564c426a41308f420b580e8efe1e4cca9f88216a20417feb441e39a71ea58e569f5c38aa869a6f1c0c64f539c91694ab513f4d3c7308674ad982d262d6

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqhMWKajnuJ:6j+1NMOtEvwDpjrobW

Score
10/10

Targets

    • Target

      2024-04-05_4673e2e17f61aca171b381467f34830a_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
