General

  • Target

    2024-04-19_a847a5c5a23fd7f1f6ea71d746e9a4e5_cryptolocker

  • Size

    62KB

  • Sample

    240419-vdlgyahg58

  • MD5

    a847a5c5a23fd7f1f6ea71d746e9a4e5

  • SHA1

    4d5aaa15499e000a25ca925283325a1e3402aceb

  • SHA256

    5a2a031a31d9229603d8ec1b5591933c3eff79b126ab27f3411d8e3532fcb2d1

  • SHA512

    d6e825165b95ab13fc78db649da65c6f44199677202e4966954df5efde1a4a11a177e5d0c5bb26445e53dbc9c4f37da9a10a2f5258404cdfa872fc103f2ab06b

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiu:BbdDmjr+OtEvwDpjM8z

Score
10/10

Targets

    • Target

      2024-04-19_a847a5c5a23fd7f1f6ea71d746e9a4e5_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
