General

  • Target

    2024-02-28_ec966fca1153abe7af090ac1e2ca304b_cryptolocker

  • Size

    78KB

  • Sample

    240228-tm3l5sfh33

  • MD5

    ec966fca1153abe7af090ac1e2ca304b

  • SHA1

    b03af9f4eb2816662106f7b6581eb967bbdc890f

  • SHA256

    4ef004782e1957f20664c756ff0e4134065d1a541ef514f1279496d19a45ace3

  • SHA512

    3e7bfe41cd1f558d65762501944c6fe95bf141d10acdac7fa5b3d580940bf60dd22df9a6d12d0b08df9c7fd28f6533abad3071ee04f67f59472d333520316f2a

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qx:zCsanOtEvwDpjF

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
