Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-02-18_77604a2c7a05bd854b81a9e27c5724f7_cryptolocker

  • Size

    65KB

  • Sample

    240218-d8dbdadd5y

  • MD5

    77604a2c7a05bd854b81a9e27c5724f7

  • SHA1

    16140367d6c298578822ba45c537ace625c0aa96

  • SHA256

    8bca1ff5a4aad33378ef7c26187297cb0f85805dd5b726751ebc7d2c2a751b90

  • SHA512

    16f7b80b79e51ac533fdac4971e8525726abc76097c0999dbd7f11986facaa4cb6634af5a2c341b4465c2fa050cfc143e6cdfecb3345a646dc128e2569a3efc3

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYjc3CBX:1nK6a+qdOOtEvwDpjsX

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-02-18_77604a2c7a05bd854b81a9e27c5724f7_cryptolocker

    • Size

      65KB

    • MD5

      77604a2c7a05bd854b81a9e27c5724f7

    • SHA1

      16140367d6c298578822ba45c537ace625c0aa96

    • SHA256

      8bca1ff5a4aad33378ef7c26187297cb0f85805dd5b726751ebc7d2c2a751b90

    • SHA512

      16f7b80b79e51ac533fdac4971e8525726abc76097c0999dbd7f11986facaa4cb6634af5a2c341b4465c2fa050cfc143e6cdfecb3345a646dc128e2569a3efc3

    • SSDEEP

      1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYjc3CBX:1nK6a+qdOOtEvwDpjsX

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks