General

  • Target

    2024-05-12_8fcbdc78b725645ea2dd233fbdb1d487_cryptolocker

  • Size

    42KB

  • Sample

    240512-rze1hadg79

  • MD5

    8fcbdc78b725645ea2dd233fbdb1d487

  • SHA1

    7f4fc37a023000a6cc9c7844112cd79c94de3d23

  • SHA256

    4dc08a42f2508163c1b23ca983f6ee3aa5dd33f94bb8f01ef563f5c4962e5aa0

  • SHA512

    8dd3b8b023d54f9f3ebfe2239ad1c1006dfffb7f1c749c4770d2e1f7224a956803964967301876ecd5fe5ac567f43aa3543103cf1d6781b282297cc5f0007a6e

  • SSDEEP

    768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkL7vFO:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkL8

Score
10/10

Targets

    • Target

      2024-05-12_8fcbdc78b725645ea2dd233fbdb1d487_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
