General

  • Target

    2024-02-20_b964898894760835e59b6b4cdceef8b8_cryptolocker

  • Size

    126KB

  • Sample

    240220-khak5adh5w

  • MD5

    b964898894760835e59b6b4cdceef8b8

  • SHA1

    2fb16a5b28835e1a780de74f938cdb5c981098ce

  • SHA256

    a7721a12af977f1ac27b8b4e647d76f8d28b7023960a054ba9cc1fe2c7365138

  • SHA512

    1415fcb8e41b0cd60922b37813ea1bdeac100b83442ba7ee798c42ace1f0829c373098addac03965c3241ae63d8f083827662d6b5078c1e269f86418a31f9c5d

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp699GNtL1eTb:AnBdOOtEvwDpj6zt

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-02-20_b964898894760835e59b6b4cdceef8b8_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks