General

  • Target

    2024-02-23_531b1f068781d8d656db25dae5a04895_cryptolocker

  • Size

    88KB

  • Sample

    240223-sdvz9sce8x

  • MD5

    531b1f068781d8d656db25dae5a04895

  • SHA1

    15b4a519f48dc903dbe6eb197e3a4b21872c915f

  • SHA256

    b6eff88fe5c80a21524ddf67a0f68529fb648196eada34849898094e2bda086f

  • SHA512

    fcaee05173c711b3e2a16a625b11158a47bc7f37b4104e77dc134adbd66adf1a1aabda578c53940a10092ef758f0c6dd217433bbc515577f888b220265724db5

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgL9:AnBdOOtEvwDpj6zF

Score
10/10

Tags
upx

Malware Config

Targets

    • Target

      2024-02-23_531b1f068781d8d656db25dae5a04895_cryptolocker

    • Size

      88KB

    • Hashes

      MD5, SHA1, SHA256, SHA512 and SSDEEP are identical to the values listed under General above.

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check that decides whether the sample runs on this host.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX, or with a modified build of the open-source UPX packer.
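The "UPX packed file" and "UPX dump on OEP" signatures above rest on structural traits that stock UPX leaves in a PE: the section names UPX0 (virtual-only, receives the unpacked image) and UPX1 (holds the compressed image and the decompression stub), and the "UPX!" pack header written into the unused header space before the first section's raw data. The Python below is an added example, not tria.ge's signature code and not taken from this report: it parses the PE section table by hand, looks for those traits, and reports per-section entropy as supporting evidence for a "modified UPX" build that has renamed its sections and stripped the marker. build_fake_pe constructs a synthetic, non-executable PE32 image purely as test input; it is not the sample analysed here.

```python
import math
import struct


def shannon_entropy(buf):
    """Bits of entropy per byte; compressed UPX1 data typically scores above 7."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(data):
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    (nsec,) = struct.unpack_from("<H", data, e_lfanew + 6)       # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)  # SizeOfOptionalHeader
    table = e_lfanew + 4 + 20 + opt_size                         # signature + COFF header
    secs = []
    for i in range(nsec):
        name, vsize, va, rsize, rptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        secs.append({"name": name.rstrip(b"\x00").decode("ascii", "replace"),
                     "virtual_size": vsize, "virtual_address": va,
                     "raw_size": rsize, "raw_ptr": rptr})
    return secs


def upx_indicators(data):
    secs = parse_sections(data)
    names = [s["name"] for s in secs]
    # UPX keeps its pack header ("UPX!" magic plus version/offset fields) in the
    # header slack between the section table and the first section's raw data.
    first_raw = min((s["raw_ptr"] for s in secs if s["raw_size"]), default=len(data))
    marker = b"UPX!" in data[:first_raw]
    entropy = {s["name"]: round(shannon_entropy(data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]), 2)
               for s in secs}
    upx_names = "UPX0" in names and "UPX1" in names
    high_entropy = any(e >= 7.0 for e in entropy.values())
    if upx_names or marker:
        verdict = "upx"
    elif high_entropy and len(secs) <= 3:
        # Renamed sections and a stripped marker leave only the compressed
        # payload's entropy and the sparse section layout as hints: weak evidence.
        verdict = "possibly-packed"
    else:
        verdict = "not-upx"
    return {"section_names": names, "upx_section_names": upx_names,
            "upx_marker": marker, "entropy": entropy, "verdict": verdict}


def build_fake_pe(sections, marker=b""):
    """Constructed, non-executable PE32 image used as test input (not the sample)."""
    e_lfanew, opt_size = 0x40, 0xE0
    table_end = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    first_raw = (table_end + len(marker) + 0x1FF) & ~0x1FF        # 0x200 file alignment
    dos = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", e_lfanew)
    coff = b"PE\x00\x00" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = struct.pack("<H", 0x10B).ljust(opt_size, b"\x00")       # PE32 magic, rest zeroed
    table, bodies, raw_ptr = b"", b"", first_raw
    for i, (name, raw) in enumerate(sections):
        table += struct.pack("<8sIIIIIIHHI", name.encode("ascii"), max(len(raw), 0x1000),
                             0x1000 * (i + 1), len(raw), raw_ptr if raw else 0,
                             0, 0, 0, 0, 0xE0000040)
        bodies += raw
        raw_ptr += len(raw)
    header = (dos + coff + opt + table + marker).ljust(first_raw, b"\x00")
    return header + bodies


if __name__ == "__main__":
    # UPX0 virtual-only, UPX1 filled with a uniform (maximum-entropy) byte pattern.
    packed = build_fake_pe([("UPX0", b""), ("UPX1", bytes(range(256)) * 2),
                            (".rsrc", b"\x00" * 0x200)], marker=b"UPX!")
    print(upx_indicators(packed))
```

Against a real file, replace the constructed image with `open(path, "rb").read()`; the section-name and marker checks are what the "UPX packed file" signature is looking for, while a "possibly-packed" result only says the layout is consistent with a packer and should be confirmed by unpacking (which is what the "UPX dump on OEP" signature records the sandbox doing).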
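The "Checks computer location settings", "Executes dropped EXE" and "Loads dropped DLL" signatures are behavioural: they are raised from the registry, file, process and image-load events the sandbox records while the sample runs. The Python below is an added example, not tria.ge's rule engine and not derived from this report's events: it replays a constructed event log (SAMPLE_EVENTS is made up for the illustration, with a "pid|operation|target" line per event) through three rules that reproduce those signatures. The geofence rule matches reads of the registry locations that hold the configured country and locale (HKCU\Control Panel\International\Geo\Nation, sCountry, iCountry and LocaleName, plus HKLM\SYSTEM\CurrentControlSet\Control\Nls); the other two correlate files the sample writes with later process creations and DLL loads of the same path.

```python
import re

# Constructed sandbox event log (not taken from the tria.ge report), in the
# order the sandbox observed the events: "pid|operation|target".
SAMPLE_EVENTS = r"""
1234|process_start|C:\Users\Admin\AppData\Local\Temp\sample.exe
1234|reg_query|HKEY_CURRENT_USER\Control Panel\International\Geo\Nation
1234|reg_query|HKEY_CURRENT_USER\Control Panel\International\sCountry
1234|reg_query|HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
1234|file_write|C:\Users\Admin\AppData\Roaming\svchost.exe
1234|file_write|C:\Users\Admin\AppData\Roaming\helper.dll
1234|process_start|C:\Users\Admin\AppData\Roaming\svchost.exe
5678|image_load|C:\Users\Admin\AppData\Roaming\helper.dll
5678|image_load|C:\Windows\System32\kernel32.dll
""".strip()

# Registry locations that reveal the configured country or locale. A sample
# that reads these before doing anything else is usually deciding whether to
# run at all on this host (geofencing).
GEO_KEY_RE = re.compile(
    r"\\Control Panel\\International\\(Geo\\Nation|sCountry|iCountry|LocaleName)$"
    r"|\\CurrentControlSet\\Control\\Nls\\(Locale|Language)(\\|$)",
    re.IGNORECASE,
)


def parse_events(text):
    """Split the log into (pid, operation, target) tuples, skipping blank lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        pid, op, target = line.split("|", 2)
        events.append((int(pid), op, target))
    return events


def run_signatures(text):
    """Return {signature name: [evidence, ...]} for every rule that fired."""
    hits = {}
    dropped = set()  # lower-cased paths written by any monitored process so far

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    for pid, op, target in parse_events(text):
        key = target.lower()  # NTFS paths are case-insensitive
        if op == "reg_query" and GEO_KEY_RE.search(target):
            hit("Checks computer location settings", target)
        elif op == "file_write":
            dropped.add(key)
        elif op == "process_start" and key in dropped:
            # Ordering matters: the write must precede the execution.
            hit("Executes dropped EXE", target)
        elif op == "image_load" and key in dropped and key.endswith(".dll"):
            hit("Loads dropped DLL", target)
    return hits


if __name__ == "__main__":
    for name, evidence in run_signatures(SAMPLE_EVENTS).items():
        print(name)
        for e in evidence:
            print("   ", e)
```

The drop-tracking rules deliberately key on the path alone; a real engine would also carry the writing process's identity and the created process's PID so that a DLL loaded by an unrelated process is not misattributed to the sample.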

MITRE ATT&CK Enterprise v15

Tasks