General

  • Target

    2024-05-26_eb7a0f441398c893027baf838ce7e2d1_cryptolocker

  • Size

    83KB

  • Sample

    240526-hmp59sae3y

  • MD5

    eb7a0f441398c893027baf838ce7e2d1

  • SHA1

    8ecd22e6e1298a75fc38cbe8e16f2c40e4d0d4a0

  • SHA256

    6540144d17a4f9dd65fadfc3559aa02ed94255490033e2697f831f45472293d7

  • SHA512

    27d990f091d2a5163ed9a61ca79d0ff12deae1b3118b89d00dc7010e9991cb395c684acd7415b726be20165f38792b972d13df288af162e909826837a8cb9b01

  • SSDEEP

    1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrhcx:TCjsIOtEvwDpj5HE/OUHnSMQx

Score
10/10

Malware Config

Targets

    • Target

      2024-05-26_eb7a0f441398c893027baf838ce7e2d1_cryptolocker

    • Size

      83KB


    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
