General

  • Target

    2024-02-17_c483ff063146e1efe12403550600ee69_cryptolocker

  • Size

    61KB

  • Sample

    240217-jqa17acf4t

  • MD5

    c483ff063146e1efe12403550600ee69

  • SHA1

    cfe8ef09717ee1b99d37d2444730abbff7cac07f

  • SHA256

    5a71ec0fca52d36a0fa5e7aedae9b26af9bb1741b896af3dc24890197ab5730a

  • SHA512

    c5bf257d59d6819bd2ff53cabee3ea16f0f8745aea0ced57438e20cebd695b0abdb2336d8cfcf1f0cf28d42d65a20ecebf2b03877c36b46fc1d67994dfdbf1c7

  • SSDEEP

    768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mnVs:zj+soPSMOtEvwDpj4kpmeLmnS

Score
10/10
upx

Targets

    • Target

      2024-02-17_c483ff063146e1efe12403550600ee69_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
