Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-01-28_9976ca13aeeffdeb9c4481c44ab34051_cryptolocker

  • Size

    107KB

  • Sample

    240128-zchrwabcam

  • MD5

    9976ca13aeeffdeb9c4481c44ab34051

  • SHA1

    1dde9c58a127cc5ac40b4d901f6fe4547b60f05e

  • SHA256

    0a3ce3f28c20ae262d3330ee7c3f4ac231ca96de1beb7e5be69ad4f0acb50be4

  • SHA512

    2935edb15f7d28a8978ee6c29113a1bcc2710671a0a91229e3fd8014cb106aaec0b293961c0cedd0ff5dffb57ed8fafdb44e26124b3a24d9f8b7635104ed699f

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6GksgEG:1nK6a+qdOOtEvwDpj0

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-01-28_9976ca13aeeffdeb9c4481c44ab34051_cryptolocker

    • Size

      107KB

    • MD5

      9976ca13aeeffdeb9c4481c44ab34051

    • SHA1

      1dde9c58a127cc5ac40b4d901f6fe4547b60f05e

    • SHA256

      0a3ce3f28c20ae262d3330ee7c3f4ac231ca96de1beb7e5be69ad4f0acb50be4

    • SHA512

      2935edb15f7d28a8978ee6c29113a1bcc2710671a0a91229e3fd8014cb106aaec0b293961c0cedd0ff5dffb57ed8fafdb44e26124b3a24d9f8b7635104ed699f

    • SSDEEP

      1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsalRn5iF1j6GksgEG:1nK6a+qdOOtEvwDpj0

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks