General

  • Target

    2024-02-23_8a1ea16fa6b2bfa3b5b822b7c088aca4_cryptolocker

  • Size

    62KB

  • Sample

    240223-my4j9afa3t

  • MD5

    8a1ea16fa6b2bfa3b5b822b7c088aca4

  • SHA1

    2c73bf04689b8ea9059438c35a0e9af4320c2700

  • SHA256

    429f0990c4883fbb1708972402617fca272c90a20fa6294490f6b43501711ea8

  • SHA512

    30fc9101cd8f820099aadd0e99be78c8463606e0947343049fb4a2390fc676b2ab3bcf19266bbe94aae2f505d27ca6123dc00c0a73f03da1b731d5394d20dca8

  • SSDEEP

    768:T6LsoEEeegiZPvEhHSG+gkum/kLyMro2GtOOtEvwDpjhXMLamkc8J5S9UEp:T6QFElP6n+gxmddpMOtEvwDpjwa38L

Score
10/10
upx

Targets

    • Target

      2024-02-23_8a1ea16fa6b2bfa3b5b822b7c088aca4_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
