General

  • Target

    2024-01-29_1d4ebb9e1587421a497d7297b840cd35_cryptolocker

  • Size

    77KB

  • Sample

    240129-nkcp2sabbl

  • MD5

    1d4ebb9e1587421a497d7297b840cd35

  • SHA1

    556cf245f834403206f5b7b6db0b4a33df98b2be

  • SHA256

    df52b85187aac34c21e964818ca10d4c27d071e4339922ca325363764229a4d8

  • SHA512

    8f9666dc19d8899d45bce5d8341e34fa93a013c3df42a092876dd7cac45c3fd59a7a049fda845fbbc273dc623dab31362906216ce64fd39c96063a87a991d966

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOA+YSP75:T6a+rdOOtEvwDpjNb

Score
10/10
upx

Targets

    • Target

      2024-01-29_1d4ebb9e1587421a497d7297b840cd35_cryptolocker

    • Size

      77KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
