General

  • Target

    2024-02-22_4cf2a61eee5e341a99c27f510f6d4e8a_cryptolocker

  • Size

    87KB

  • Sample

    240222-x97fdsef88

  • MD5

    4cf2a61eee5e341a99c27f510f6d4e8a

  • SHA1

    c30e533605cc5fc78bda1dc58de1ee561931ca13

  • SHA256

    abef61aa480af3056ddb80ba152e8dee0b5f3d13d288e760c6b766fe45c4cfde

  • SHA512

    b0f6315397d8bfa6b0879c7b61583434186f81ccb552946d33a7634006a8646dc1c8834ce66dc2f47c7ecb5d4433c15deb9988cf33837feea15a53a84d1d6a19

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgSv:AnBdOOtEvwDpj6zW

Score
10/10
upx

Targets

    • Target

      2024-02-22_4cf2a61eee5e341a99c27f510f6d4e8a_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
