
General

  • Target: 2024-02-14_2868f806212c11a7976c3238a67cdb98_cryptolocker
  • Size: 80KB
  • Sample: 240214-nqgwysab85
  • MD5: 2868f806212c11a7976c3238a67cdb98
  • SHA1: b5965929283b5655b0dee1182c3ee402ce4b8223
  • SHA256: 3fd81deecc19fc44097040f7136aff63b6e67a07d10a929ab6f213a0a90343ca
  • SHA512: 7ead7f661d46f941ebecd27bf523eda677c4c75050d830ca3cad0185b9ebf9c6b356f913092bfe8dde5295d0df7bd64834c0803ae9c19920bab3b787f72900fe
  • SSDEEP: 1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBd08:T6a+rdOOtEvwDpjNtD

Score: 10/10
Tags: upx

Malware Config

Targets

    • Target: 2024-02-14_2868f806212c11a7976c3238a67cdb98_cryptolocker
    • Size: 80KB
    • MD5: 2868f806212c11a7976c3238a67cdb98
    • SHA1: b5965929283b5655b0dee1182c3ee402ce4b8223
    • SHA256: 3fd81deecc19fc44097040f7136aff63b6e67a07d10a929ab6f213a0a90343ca
    • SHA512: 7ead7f661d46f941ebecd27bf523eda677c4c75050d830ca3cad0185b9ebf9c6b356f913092bfe8dde5295d0df7bd64834c0803ae9c19920bab3b787f72900fe
    • SSDEEP: 1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBd08:T6a+rdOOtEvwDpjNtD

    Score: 9/10

    • Detection of CryptoLocker Variants
    • Detection of Cryptolocker Samples
    • UPX dump on OEP (original entry point)
    • Checks computer location settings
      Looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with UPX or a modified build of the UPX open-source packer.
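The "UPX packed file" signature above is a static finding about the file's layout, not about its behaviour. The following is an added example of the kind of check such a signature encodes; it is not Triage's signature code and does not use the sample on this page. It parses the PE section table, looks for the UPX0/UPX1 section names and the "UPX!" marker that stock UPX writes, and, because the signature explicitly covers modified UPX builds that strip those strings, falls back to the structural cue that survives renaming: an empty first section with a large VirtualSize (the unpack destination) followed by a near-maximal-entropy payload section. The PE image it analyses is constructed inside the block; the section names, sizes and offsets are assumptions chosen to mirror a stock UPX layout.

```python
"""Static UPX-packing heuristics over a PE image (added example, not Triage's signature code)."""
import hashlib
import math
import struct
from collections import Counter

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}   # names stock UPX writes into the section table
UPX_MAGIC = b"UPX!"                             # marker stock UPX leaves in front of the packed data
HIGH_ENTROPY = 7.0                              # bits/byte; compressed or encrypted data sits near 8.0


def pe_sections(data):
    """Parse the DOS/COFF headers and return [{name, virtual_size, raw}] for each section."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)   # COFF NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)      # COFF SizeOfOptionalHeader
    table = coff + 20 + opt_size                                 # section table follows the optional header
    sections = []
    for i in range(num_sections):
        off = table + 40 * i
        if off + 40 > len(data):
            break                                # truncated section table: keep what parsed so far
        name = data[off:off + 8].split(b"\0", 1)[0].decode("ascii", "replace")
        vsize, _va, rsize, rptr = struct.unpack_from("<IIII", data, off + 8)
        sections.append({"name": name, "virtual_size": vsize,
                         "raw": data[rptr:rptr + rsize] if rsize else b""})
    return sections


def shannon_entropy(buf):
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def analyze_packing(data):
    """Return a small report: per-section entropy plus a UPX / packed verdict."""
    secs = pe_sections(data)
    report = [{"name": s["name"], "raw_size": len(s["raw"]), "virtual_size": s["virtual_size"],
               "entropy": round(shannon_entropy(s["raw"]), 2)} for s in secs]
    upx_names = [s["name"] for s in secs if s["name"].upper() in UPX_SECTION_NAMES]
    upx_magic = UPX_MAGIC in data
    # Stock UPX layout: the first section has no raw data but a large VirtualSize (the unpack
    # destination) and the packed payload in a later section has near-maximal entropy.
    empty_first = bool(secs) and not secs[0]["raw"] and secs[0]["virtual_size"] > 0
    high_entropy = [r["name"] for r in report if r["raw_size"] >= 1024 and r["entropy"] > HIGH_ENTROPY]
    if upx_names or upx_magic:
        verdict = "upx"
    elif empty_first and high_entropy:
        verdict = "packed?"                      # layout fits UPX but the identifying strings are gone
    else:
        verdict = "no"
    return {"sha256": hashlib.sha256(data).hexdigest(), "sections": report,
            "upx_section_names": upx_names, "upx_magic": upx_magic,
            "high_entropy_sections": high_entropy, "verdict": verdict}


def _pseudo_random(n, seed=b"constructed-upx-payload"):
    """Deterministic high-entropy filler (SHA-256 chain) standing in for compressed code."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:n])


def build_constructed_pe(names=("UPX0", "UPX1", ".rsrc"), marker=UPX_MAGIC):
    """Constructed (not real malware) PE32 image laid out like a UPX-packed file.

    Defaults mimic stock UPX; renamed sections plus a zeroed marker mimic a modified
    UPX build whose identifying strings were stripped (the case the signature also covers).
    """
    opt_size = 0xE0                              # PE32 optional header size
    # (name, VirtualSize, SizeOfRawData, PointerToRawData)  -- assumed layout
    secs = [(names[0], 0x10000, 0x0000, 0x0000),   # empty unpack destination
            (names[1], 0x1000, 0x1000, 0x0200),    # packed payload
            (names[2], 0x0200, 0x0200, 0x1200)]    # plain, low-entropy resources
    hdr = bytearray(0x200)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)                      # e_lfanew
    hdr[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", hdr, 0x44, 0x14C, len(secs), 0, 0, 0, opt_size, 0x0102)
    struct.pack_into("<H", hdr, 0x44 + 20, 0x10B)                # optional header Magic: PE32
    table = 0x44 + 20 + opt_size
    for i, (name, vsize, rsize, rptr) in enumerate(secs):
        struct.pack_into("<8sIIII", hdr, table + 40 * i, name.encode(), vsize, 0x1000 * (i + 1), rsize, rptr)
    payload = marker + _pseudo_random(0x1000 - len(marker))
    return bytes(hdr) + payload + b"A" * 0x200


if __name__ == "__main__":
    for label, sample in (("stock UPX layout", build_constructed_pe()),
                          ("markers stripped", build_constructed_pe((".text", ".data", ".rsrc"), b"\0\0\0\0"))):
        r = analyze_packing(sample)
        print(label, "->", r["verdict"], r["upx_section_names"], r["high_entropy_sections"])
```

The name and marker checks give the confident "upx" verdict; the entropy fallback only says "packed?" because a high-entropy section also occurs in legitimately compressed or encrypted payloads, so on its own it is a triage cue to unpack and look further, not a detection. Dynamic analysis of a packed sample still needs the "UPX dump on OEP" step listed above: the static parser sees only the stub and compressed blob, and the real imports and strings appear only after the unpacker has run.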

MITRE ATT&CK Enterprise v15

Tasks