Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-14_654946c5af63a955cbb4836fb4b01e90_cryptolocker

  • Size

    86KB

  • Sample

    240314-s224gsfh31

  • MD5

    654946c5af63a955cbb4836fb4b01e90

  • SHA1

    760bc71622ea30d6437dd7f0c1d4bf56bfb7b085

  • SHA256

    45549e88ede5114340b538d6f46817a86d1ff99ef968ee36129c411d80c15477

  • SHA512

    cead2aafaa1d90db81b76b85ad2579b65063416ecf64bcdc9d69f8ff2cb4da5c6ece0115617257831996d749442a54e67e617608ec3c617aa0e7d9a0805779cf

  • SSDEEP

    768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIgj6J:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgi

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-03-14_654946c5af63a955cbb4836fb4b01e90_cryptolocker

    • Size

      86KB

    • MD5

      654946c5af63a955cbb4836fb4b01e90

    • SHA1

      760bc71622ea30d6437dd7f0c1d4bf56bfb7b085

    • SHA256

      45549e88ede5114340b538d6f46817a86d1ff99ef968ee36129c411d80c15477

    • SHA512

      cead2aafaa1d90db81b76b85ad2579b65063416ecf64bcdc9d69f8ff2cb4da5c6ece0115617257831996d749442a54e67e617608ec3c617aa0e7d9a0805779cf

    • SSDEEP

      768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIgj6J:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgi

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks