General

  • Target

    2024-04-25_7012431beb1639564fc38e397d58c8bf_cryptolocker

  • Size

    62KB

  • Sample

    240425-v3klyadb52

  • MD5

    7012431beb1639564fc38e397d58c8bf

  • SHA1

    fe04c3d8d80026a9d5783c079acd7ab063f37475

  • SHA256

    95a117fb31c8bfef895108444f6f2edd7a1431cd30805b2946d653c851be9391

  • SHA512

    53e13340f51cf1792169469ab7e243d4b627b5bbcd7a426bef64c422a2198cb2959a3142cf32adad4ece61b3e347c90d849925e7e5418500052c74829fa3a1e9

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiJ:BbdDmjr+OtEvwDpjM8Q

Score
10/10

Targets

    • Target

      2024-04-25_7012431beb1639564fc38e397d58c8bf_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
