Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-28_f532b07a119c2ff696a6024da20f9f20_cryptolocker

  • Size

    42KB

  • Sample

    240428-scab6sad24

  • MD5

    f532b07a119c2ff696a6024da20f9f20

  • SHA1

    e58b47709c0bce259b887240047586a982c74f26

  • SHA256

    8ece53bcdad06233a28fff0f6fba1f18b92a3dbe28430837b54ed530b91b6427

  • SHA512

    6c3fff32de64513059a24c4c2f900cf56031ea7d1d87b269961cd60fd6999f361ec5ba1168b442a976ac9bbcf0a8c07d6fd233d723f8136b67c11846ff4750e7

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/li:6j+1NMOtEvwDpjrRM

Score
10/10

Malware Config

Targets

    • Target

      2024-04-28_f532b07a119c2ff696a6024da20f9f20_cryptolocker

    • Size

      42KB

    • MD5

      f532b07a119c2ff696a6024da20f9f20

    • SHA1

      e58b47709c0bce259b887240047586a982c74f26

    • SHA256

      8ece53bcdad06233a28fff0f6fba1f18b92a3dbe28430837b54ed530b91b6427

    • SHA512

      6c3fff32de64513059a24c4c2f900cf56031ea7d1d87b269961cd60fd6999f361ec5ba1168b442a976ac9bbcf0a8c07d6fd233d723f8136b67c11846ff4750e7

    • SSDEEP

      768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/li:6j+1NMOtEvwDpjrRM

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks