General

  • Target

    2024-05-09_896d31d803ea072c3ca9cb873a9d7485_cryptolocker

  • Size

    53KB

  • Sample

    240509-2fycvaac71

  • MD5

    896d31d803ea072c3ca9cb873a9d7485

  • SHA1

    1e7f55a144e7b3cc3ad8151c632dd75945588887

  • SHA256

    ef17be5d6bab4c84fb89458df2d0ffc2fe1727da6c6e0e57e9d806a68d9377c2

  • SHA512

    d3198bdc7a1ff60d8ab678298b3ca0215ec74f5bb58dcce25364234c337e5a91a58e517b2e4712723b922db6f4cadab11fcf767c3bf66daa558b4ba45621e08b

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjeJQ7pojaklPs5:V6a+pOtEvwDpj9

Score
10/10

Targets

    • Target

      2024-05-09_896d31d803ea072c3ca9cb873a9d7485_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
