General

  • Target

    2024-04-28_ca05e2ce654d444d55a70ffd42b1d125_cryptolocker

  • Size

    30KB

  • Sample

    240428-3fy5tacb51

  • MD5

    ca05e2ce654d444d55a70ffd42b1d125

  • SHA1

    a732bd9db3ac808693b55b0b3c8f54745cfc1bb5

  • SHA256

    1a8c9e70b8e7069108e89f96ad0ef619bcf65c06c114bc0db3e702df1e225ba2

  • SHA512

    9970b03fd70938f2759451c7abd0d17cb3c789c8e174e665787f7467d1758ba16da26fb2a9c3fadd8a398e5e3cbd9b82de94645623a32de5144c1490d863e9e8

  • SSDEEP

    384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v71:bAvJCYOOvbRPDEgXRcJx

Score
10/10

Targets

    • Target

      2024-04-28_ca05e2ce654d444d55a70ffd42b1d125_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
