General

  • Target

    2024-02-18_cdfb7ef0c116dd9ec2409b337b56cee0_cryptolocker

  • Size

    125KB

  • Sample

    240218-r5y1kabh43

  • MD5

    cdfb7ef0c116dd9ec2409b337b56cee0

  • SHA1

    3946ab6c3169406bc7efa2e255c562bc125ce360

  • SHA256

    889abd290b440b07d6fbda9603893f221a04dbab168314f1a0798a3b63cfc934

  • SHA512

    bbdcdf65f0ce7dacb2e14bf1f9a0b33da8428eaeed37ad389341d438c104c4c20aefd8e2af60e55fd500ce560743ce71c662ac165de92bdfaabab930d87d453a

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eU:AnBdOOtEvwDpj6za

Score
10/10
upx

Targets

    • Target

      2024-02-18_cdfb7ef0c116dd9ec2409b337b56cee0_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
