General

  • Target

    2024-04-22_6066faebca452223dbe886fc2ea3c3b5_cryptolocker

  • Size

    64KB

  • Sample

    240422-s1amvada6x

  • MD5

    6066faebca452223dbe886fc2ea3c3b5

  • SHA1

    70eda162bcd13c18164977de9f10713662709187

  • SHA256

    d3753fe719fbb587e769afcdf83a5859176a164891dc111c9cd82a04e2b0e218

  • SHA512

    e836e06ab7824d1bb069ba4425d573951af6da0586678672f99e526524da07764e7fe4b040360eca3737241e8d914a806121a04ac2db9c49c231ceccbf90d032

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5I52kGEMoq:6j+1NMOtEvwDpjr8ox8UDEhq

Score
10/10

Malware Config

Targets

    • Target

      2024-04-22_6066faebca452223dbe886fc2ea3c3b5_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
