General

  • Target

    2024-02-18_d1ee6b9c858eab3809fc1d903346fefd_cryptolocker

  • Size

    97KB

  • Sample

    240218-3pzspsga87

  • MD5

    d1ee6b9c858eab3809fc1d903346fefd

  • SHA1

    76f77dcc5720a3bdccd0ae434de6698dbb390389

  • SHA256

    7585e380b65465dcf264eae85c8ce6e2aa2d107256fc2ddf2a3cb3d4d962289e

  • SHA512

    849ab038e9bc9ea6f1594df9f34cd2eeeeaf9047ab9dd5f5341e85a306041d236f8f5b23adc235051e850526c622ec0a72b2ac28ed7011e23ca989855f2b14d0

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbbr/Bc:z6a+CdOOtEvwDpjcq

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
