General

  • Target

    2024-06-12_524c875c55b48ca4e96c646293924d39_cryptolocker

  • Size

    43KB

  • Sample

    240612-tcglxsvbmp

  • MD5

    524c875c55b48ca4e96c646293924d39

  • SHA1

    890a2fe6c5139cc9e89f124ee14b33bb20091901

  • SHA256

    90f64e81fb955b48891c59fb00110f13fa35ceeb52805babe04b2601dd241455

  • SHA512

    98393859a59c1f07f1842728d80bdd3a224e3920d8fc397a8e6b68c544332707eb8033fb7f0e61708685aff862f434d36480ad07cabeab4ef643f25315b829f9

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYshNhl:i5nkFGMOtEvwDpjR+viHshNT

Score
10/10

Targets

    • Target

      2024-06-12_524c875c55b48ca4e96c646293924d39_cryptolocker

    • Size

      43KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
