General

  • Target

    2024-03-06_2f06ca826edfed1e884ba74b8f0f789a_cryptolocker

  • Size

    115KB

  • Sample

    240306-g7eplada3v

  • MD5

    2f06ca826edfed1e884ba74b8f0f789a

  • SHA1

    abba6f028d2edf89cdbd01eb9186143c6bae3bb9

  • SHA256

    dd0a0d678ec73db1b0aef7f0bcc11ff8265434ef0a9f6d6b2c5f3433fa338874

  • SHA512

    a141d76a0e0a7c2cc12877233614e60a76fbc017c638ef86e1c563c6e77152f08f2707c25a7f28a87addbbd68f95ac1d71ab15282285f4e47f3894e773b82cfb

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp0QVOg:z6a+CdOOtEvwDpjczs

Score
10/10
upx

Targets

    • Target

      2024-03-06_2f06ca826edfed1e884ba74b8f0f789a_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
