Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-15_9cc0d5d086f789dfd2fc4fbd5232d0d3_cryptolocker

  • Size

    87KB

  • Sample

    240315-q7xd3saa8z

  • MD5

    9cc0d5d086f789dfd2fc4fbd5232d0d3

  • SHA1

    f9ae0fc38db2cb5579da7079b4d0dfcf4c3bf21f

  • SHA256

    5072b322649fd2ba89220ab24448035fa1db78a19705cc9e4b40c48c1a8ea65f

  • SHA512

    56a536ad529ccad5a66b2c4291993fd715ee4c8a030289ae46644e35e048757ac9b28027ce5fcd02a73f84c207eba623cdbb11e7b24a3e67312e913ef3c9de79

  • SSDEEP

    768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIJ/q:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgn

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-03-15_9cc0d5d086f789dfd2fc4fbd5232d0d3_cryptolocker

    • Size

      87KB

    • MD5

      9cc0d5d086f789dfd2fc4fbd5232d0d3

    • SHA1

      f9ae0fc38db2cb5579da7079b4d0dfcf4c3bf21f

    • SHA256

      5072b322649fd2ba89220ab24448035fa1db78a19705cc9e4b40c48c1a8ea65f

    • SHA512

      56a536ad529ccad5a66b2c4291993fd715ee4c8a030289ae46644e35e048757ac9b28027ce5fcd02a73f84c207eba623cdbb11e7b24a3e67312e913ef3c9de79

    • SSDEEP

      768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIJ/q:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgn

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks