General

  • Target

    2024-03-28_0246340b9ca915387c85df4645c336ea_cryptolocker

  • Size

    57KB

  • Sample

    240328-dygaaadf9x

  • MD5

    0246340b9ca915387c85df4645c336ea

  • SHA1

    f6caeb7b4409bbac8811f3de63f3d9a066a8cfe0

  • SHA256

    72a34ac5aabd8009dbee2acd2fdb6be62bfb29fa16e65384e22887c46192ea85

  • SHA512

    bb4117d6d8c021fb13435b66f458fa601762b3a72c3781e773c6bc27d3e7c813bf6c2fab15ed0726b98f904de094aa0730a5be9dae9b9d4ad8f33fc2a5866d3f

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj9aYa9mpLI:z6a+CdOOtEvwDpjQP

Score
10/10
upx

Targets

    • Target

      2024-03-28_0246340b9ca915387c85df4645c336ea_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
