Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-23_21c1a0290426001c63a21ce0e06a56c5_cryptolocker

  • Size

    40KB

  • Sample

    240423-wz8d9saf77

  • MD5

    21c1a0290426001c63a21ce0e06a56c5

  • SHA1

    912f23abf708e53a1876e2a09b8ebba2348bd039

  • SHA256

    064517de7f0c63fe7cb83a0d8d8cd57143fc33c2a79f5268ce3506d49686999c

  • SHA512

    1a5d98a552702f5d3c0496be236d90c0dae4d8a96d590ed6500ec47dac9c398aa4aacc742b8af20f990d241caeb3893bf504301f3004c088de58721258bbd967

  • SSDEEP

    768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5axRVZo4:V6QFElP6n+gMQMOtEvwDpjyaYaL/

Score
10/10

Malware Config

Targets

    • Target

      2024-04-23_21c1a0290426001c63a21ce0e06a56c5_cryptolocker

    • Size

      40KB

    • MD5

      21c1a0290426001c63a21ce0e06a56c5

    • SHA1

      912f23abf708e53a1876e2a09b8ebba2348bd039

    • SHA256

      064517de7f0c63fe7cb83a0d8d8cd57143fc33c2a79f5268ce3506d49686999c

    • SHA512

      1a5d98a552702f5d3c0496be236d90c0dae4d8a96d590ed6500ec47dac9c398aa4aacc742b8af20f990d241caeb3893bf504301f3004c088de58721258bbd967

    • SSDEEP

      768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLam5axRVZo4:V6QFElP6n+gMQMOtEvwDpjyaYaL/

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks