General

  • Target

    2024-06-14_600a09157a28bc827854f1af8595ecc4_cryptolocker

  • Size

    43KB

  • Sample

    240614-jw7bksvfkn

  • MD5

    600a09157a28bc827854f1af8595ecc4

  • SHA1

    5e4e97381161d27eabfb13c8b60153d0b5d62005

  • SHA256

    633e5012553c9ef80a7c1d622881662b36b54e87f68ba89ead0a63d5dcf6fdce

  • SHA512

    d3e2ffa366a5f8b9e7770008b49a5928f4c6813e2c36f6036199a678b204cce2cd464caac6cf6cd3a715b0eecc7f958dbedafd7f7fbfddd23473f84a19d3f150

  • SSDEEP

    768:XS5nQJ24LR1bytOOtEvwDpj66BLbjG9Rva/yYsZnTE:i5nkFGMOtEvwDpjR+viHsy

Score
10/10

Targets

    • Target

      2024-06-14_600a09157a28bc827854f1af8595ecc4_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
