Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-01-26_06c864b764d59b4b4f05d39fc7171b2e_cryptolocker

  • Size

    56KB

  • Sample

    240126-ctsxvaccb2

  • MD5

    06c864b764d59b4b4f05d39fc7171b2e

  • SHA1

    74afbdf27f7108ed0ed136810a78dd708be237df

  • SHA256

    309151278f65310dfe4156c365285fc4b7dc34dcf712f76e761dccd8d59a1526

  • SHA512

    9ca00be67a3b6250968eda23aaf084aa27faecab261fa6c7c20e40ebb84f88d3c2e469b5b1b006011b33cdfb87d9ffc2df72f70b1f01d74d63193df6d37417fa

  • SSDEEP

    768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpLzbO:zj+soPSMOtEvwDpj4yzbO

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-01-26_06c864b764d59b4b4f05d39fc7171b2e_cryptolocker

    • Size

      56KB

    • MD5

      06c864b764d59b4b4f05d39fc7171b2e

    • SHA1

      74afbdf27f7108ed0ed136810a78dd708be237df

    • SHA256

      309151278f65310dfe4156c365285fc4b7dc34dcf712f76e761dccd8d59a1526

    • SHA512

      9ca00be67a3b6250968eda23aaf084aa27faecab261fa6c7c20e40ebb84f88d3c2e469b5b1b006011b33cdfb87d9ffc2df72f70b1f01d74d63193df6d37417fa

    • SSDEEP

      768:zQz7yVEhs9+syJP6ntOOtEvwDpjFeV0ZOfcpLzbO:zj+soPSMOtEvwDpj4yzbO

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks