General

  • Target

    2024-04-08_b06d855689815ab8d8e34e298967ed22_cryptolocker

  • Size

    99KB

  • Sample

    240408-s32t4sch63

  • MD5

    b06d855689815ab8d8e34e298967ed22

  • SHA1

    5c1d8316658db37abb10a126e9a94f5fa50b22ab

  • SHA256

    a9ce0cb3c8cbb258dcb546960111584b25bb65be1d835d9a5a10a5ba63bdb8bd

  • SHA512

    75aa3cca5c0c83beef6d0178b6cc4cd35c92c8e950275dfad212558a5be843680a9474828a1d1b016552545aa73eef19295892c63de8dc1917368500a827f9a2

  • SSDEEP

    1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNCWwm:26a+2OtEvwDpjtzJ

Score
10/10

Targets

    • Target

      2024-04-08_b06d855689815ab8d8e34e298967ed22_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
