General

  • Target

    2024-05-25_97a294ca200e4168a8a6e46732ab223c_cryptolocker

  • Size

    64KB

  • Sample

    240525-zv43tsad2x

  • MD5

    97a294ca200e4168a8a6e46732ab223c

  • SHA1

    440be7d2edc7cb66d45df2869543300c2b45bf2b

  • SHA256

    559fbdc29c5fffcf6338aaf976e6edbf10616fb68ca1d00ca2eecf93cdb33823

  • SHA512

    dcf01ffed88b9bd571225aca55a916498545643506edb7021d08adb622709a6b88b1d34ce6fe057d0f88674ed26f585d1995cab093dec1fbd126bc0999a40e69

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb61vSbgtsiZ:BbdDmjr+OtEvwDpjM8g

Score
10/10

Malware Config

Targets

    • Target

      2024-05-25_97a294ca200e4168a8a6e46732ab223c_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
