General

  • Target

    2024-05-30_a53c22b4454dacefe71e4635f1753169_cryptolocker

  • Size

    51KB

  • Sample

    240530-pp5gashh79

  • MD5

    a53c22b4454dacefe71e4635f1753169

  • SHA1

    de4057f6afc388cf5ecbff3a2a3c601b6437e4f0

  • SHA256

    c5fead6e01d1bcf573496897b4df39acefcbb29c0210b89bad7217850bacc0dc

  • SHA512

    c8d078e4f61602ef3fcb7e4fde9c67a61c880e9e0bd9c75c0fb50f44d30a3bcc9932efe84adb6d7d776f1c78a70e4d0ee2cc7dba99b27d5230d45e37e8c6302b

  • SSDEEP

    768:qmOKYQDf5XdrDmjr5tOOtEvwDpjAajFEitQbDmoSQCVUBJUkQqAHBIG05W2Moc54:qmbhXDmjr5MOtEvwDpj5cDtKkQZQ+4

Score
10/10

Targets

    • Target

      2024-05-30_a53c22b4454dacefe71e4635f1753169_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
