General

  • Target

    2024-05-25_1a1de78450a2540e8ff1ebe3d908ba92_cryptolocker

  • Size

    57KB

  • Sample

    240525-yv2f9shb43

  • MD5

    1a1de78450a2540e8ff1ebe3d908ba92

  • SHA1

    638bcd3a4241080d65851199f8af0244e72aefaa

  • SHA256

    ad8265d4e8a3d8ec295b8ac7edb1db3f8d65cc21f3dde17f6a0912571ad98835

  • SHA512

    d6cafc0f34de14cab26ce3442922b1cc3aa796fd0393334ce22836574e1402f1c20bd1a9260871397eecc6895495b0e7ada9e0f2818c6fea0b1611fa20c18190

  • SSDEEP

    768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e6H:6j+1NMOtEvwDpjr8oxExe6H

Score
10/10

Targets

    • Target

      2024-05-25_1a1de78450a2540e8ff1ebe3d908ba92_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
