Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-01-27_7db6369e78e2e7d2564171e37fc7b9d8_cryptolocker

  • Size

    64KB

  • Sample

    240127-yacbmsaef6

  • MD5

    7db6369e78e2e7d2564171e37fc7b9d8

  • SHA1

    759d037d2d47671d4b1be3b45b68cb72bd2e5996

  • SHA256

    f6104f1e9db601a9ba884901c2bf518969337e44074212ab907c75fadc68a12c

  • SHA512

    f40b361dd311a598a9aa4709746eb6e4b2655e4b9ba48a949557c3afd875c710dc3a7db3899d5c918724b28d4512c5f8beee65c8a000fa7358d1f2cf74fc44d5

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUa1Fu:T6a+rdOOtEvwDpjNO

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-01-27_7db6369e78e2e7d2564171e37fc7b9d8_cryptolocker

    • Size

      64KB

    • MD5

      7db6369e78e2e7d2564171e37fc7b9d8

    • SHA1

      759d037d2d47671d4b1be3b45b68cb72bd2e5996

    • SHA256

      f6104f1e9db601a9ba884901c2bf518969337e44074212ab907c75fadc68a12c

    • SHA512

      f40b361dd311a598a9aa4709746eb6e4b2655e4b9ba48a949557c3afd875c710dc3a7db3899d5c918724b28d4512c5f8beee65c8a000fa7358d1f2cf74fc44d5

    • SSDEEP

      1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUa1Fu:T6a+rdOOtEvwDpjNO

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks