General

  • Target

    2024-04-25_546963be6711bbbbd5e0000766a7fcbf_cryptolocker

  • Size

    34KB

  • Sample

    240425-a6n4bacd49

  • MD5

    546963be6711bbbbd5e0000766a7fcbf

  • SHA1

    1b48264243047b0e6c3f1a349e773fc487b2220f

  • SHA256

    172e0e19d11945dc74b6a9e86c1f780c36a734baefef8b1d9fcc7dcd0094e102

  • SHA512

    77f422da015adab6b621cdb28df9c52a9d86d8b3bceb07a50f49293d1c825b00fb0caadae76524fa8b416d1ae48c2693c2f617b5a748995b898558ebc4bf0fbf

  • SSDEEP

    384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunvsY0j:bA74zYcgT/Ekd0ryfjPIunvsrj

Score
10/10

Targets

    • Target

      2024-04-25_546963be6711bbbbd5e0000766a7fcbf_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
