General

  • Target

    2024-01-25_b77b86f42ded510b3bb1d6d366408e33_cryptolocker

  • Size

    94KB

  • Sample

    240125-mhxf1aeefq

  • MD5

    b77b86f42ded510b3bb1d6d366408e33

  • SHA1

    1f5ab3788fee763b216a5ec70df96d139992011a

  • SHA256

    dd00866608d3473ef19cb3ca94908773cfced474ca7c4016e4ed688653ca845d

  • SHA512

    46547bd6e3461cdc0ba8b364d6dcc4cf067b70b0d0e01198110884f5e8051c5981008da0b9473f16a72dde9cfc276dc541a93e0376f3981e12c93715d91461b3

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp01hT:AnBdOOtEvwDpj6z3

Score
10/10
upx

Targets

    • Target

      2024-01-25_b77b86f42ded510b3bb1d6d366408e33_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
