General

  • Target

    2024-03-16_0c79175d37435b9e0cf1ee97785521d1_cryptolocker

  • Size

    71KB

  • Sample

    240316-me35daha4x

  • MD5

    0c79175d37435b9e0cf1ee97785521d1

  • SHA1

    f0c96e7dca11a0a1bf6178d2f23f021600ac402e

  • SHA256

    05b68ef797b3e18a0c1f9193b2923be82fc7c1cf3efa6d462b973464b69b530c

  • SHA512

    7f249c9323795d703aec102def3a3dd6e618d71f7b26dd90ac2767cbc8f69f05c1caadfce266ff1a306e910d2279b8f6e138cf6ada765c58978da768896fc92e

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj9aYaFAeBA:z6a+CdOOtEvwDpjQe

Score
10/10
upx

Targets

    • Target

      2024-03-16_0c79175d37435b9e0cf1ee97785521d1_cryptolocker

    • Size

      71KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
