Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-30_7a509175e43910386dc723a853f8bb8f_cryptolocker

  • Size

    41KB

  • Sample

    240430-kch1bagc53

  • MD5

    7a509175e43910386dc723a853f8bb8f

  • SHA1

    961e194a0d79dd98c97b2393b992901107c92230

  • SHA256

    e66778691695f3ad8a7f1cb4f56a80102d8356fdb9d978460017ba9aaa31199c

  • SHA512

    8f2d8e89363322f49917b466efc32b8af384c47565bd9555c53761e861eb9012f144fde04589b2ad0203fd6ad96efe2de1ff8e89b57e068e0b1630a90749c48d

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhN:i5nkFGMOtEvwDpjR+viHshN7

Score
10/10

Malware Config

Targets

    • Target

      2024-04-30_7a509175e43910386dc723a853f8bb8f_cryptolocker

    • Size

      41KB

    • MD5

      7a509175e43910386dc723a853f8bb8f

    • SHA1

      961e194a0d79dd98c97b2393b992901107c92230

    • SHA256

      e66778691695f3ad8a7f1cb4f56a80102d8356fdb9d978460017ba9aaa31199c

    • SHA512

      8f2d8e89363322f49917b466efc32b8af384c47565bd9555c53761e861eb9012f144fde04589b2ad0203fd6ad96efe2de1ff8e89b57e068e0b1630a90749c48d

    • SSDEEP

      768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhN:i5nkFGMOtEvwDpjR+viHshN7

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks