General

  • Target

    2024-02-24_97d423bfc5d26687fd06f11c68eb3147_cryptolocker

  • Size

    117KB

  • Sample

    240224-lqbzlaga88

  • MD5

    97d423bfc5d26687fd06f11c68eb3147

  • SHA1

    0c03e5529c89b50839f15e8a6274bc989bc8df5b

  • SHA256

    6397b07471490f59607f2679626dba6561753e93eb263c69a3b17a30ae2f8adb

  • SHA512

    06bb65d6f1c592fc7d84bc3a114004244c1be7e2be833937904417104ccd68dff530c38dbbeb4815e834e44aa518dbe4e7e7fd0dbaa2f225f8905a5c40bb55f3

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp01QaA:z6a+CdOOtEvwDpjczW

Score
10/10
upx

Targets

    • Target

      2024-02-24_97d423bfc5d26687fd06f11c68eb3147_cryptolocker

    • Size

      117KB


    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
