General

  • Target

    2024-04-09_38c972dc11529a49f494e5fe570d0a0e_cryptolocker

  • Size

    64KB

  • Sample

    240409-bw2gbsab28

  • MD5

    38c972dc11529a49f494e5fe570d0a0e

  • SHA1

    3507529c679f5f8e82a08838f3915e36ef58ccdd

  • SHA256

    485bc00f09d1b171d1a339b1a8b6dd2d64c00b0adf168df8ccdb94af42e3ee12

  • SHA512

    90e2f882f66cf80e7d88096b7a15aa39cc6e45819b2a6994ea21829f1886cc6420da4fb97b16cd9f74dd25c201b02173d7e36decdc7a1d197b32f37b1f9011d6

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEO10KmJP:6j+1NMOtEvwDpjr8ox8UDEy0KmJP

Score
10/10

Targets

    • Target

      2024-04-09_38c972dc11529a49f494e5fe570d0a0e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
