General

  • Target

    2024-04-09_1e5c64084733f9d7c5b5493a26bbdecc_cryptolocker

  • Size

    52KB

  • Sample

    240409-b46e9aea8w

  • MD5

    1e5c64084733f9d7c5b5493a26bbdecc

  • SHA1

    732f41005ef062ab17dcd46d2334c92ff4b8534d

  • SHA256

    4f97c35cb6101e48c1b1073d0e9729426dad3f225da3551328fcb56e928ebdec

  • SHA512

    0bf6e6e5d87858ffd962fa817976ea86912fc62becbcccac1cfbe46a45e9bfb326d0b7718868eb75bbc91400626bc708b39d65a7c7d053d312dcae1ac1785139

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6ImpyeW:BbdDmjr+OtEvwDpjME

Score
10/10

Malware Config

Targets

    • Target

      2024-04-09_1e5c64084733f9d7c5b5493a26bbdecc_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
