General

  • Target

    2024-04-18_307594aa4ba7c3a8e613bfc3b9dcbaa2_cryptolocker

  • Size

    389KB

  • Sample

    240418-yxz18adf56

  • MD5

    307594aa4ba7c3a8e613bfc3b9dcbaa2

  • SHA1

    d3f5035dc2b61eba9255c2450ca3e92949e927c7

  • SHA256

    96c535e5053797122ddc79e20d2d7a2321ed612fc1391af4f72191d2675bb357

  • SHA512

    50224cc153cf0d4fe6d31f4e96039003601f14080bf3040b6ca8a2d45c08bda407d771c4c8cc37a0086fcbb2d1911c5336d561798760d9ba498d3c5316bf1b07

  • SSDEEP

    6144:nnOsaQgAOjvrZFODJjBz3j1jTqQy6v2GGnugOtihzX6:nnOflT/ZFIjBz3xjTxynGUOUhX6

Score
10/10

Targets

    • Target

      2024-04-18_307594aa4ba7c3a8e613bfc3b9dcbaa2_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
