General

  • Target

    2024-03-29_01bb0e22ada23acd462ad3393ebbabdf_cryptolocker

  • Size

    50KB

  • Sample

    240329-dyxx2age3z

  • MD5

    01bb0e22ada23acd462ad3393ebbabdf

  • SHA1

    6248749a570ad3865627d49e4a8bae9de109547e

  • SHA256

    a262fa7137f55829bb65057fdfa0bcbd91e5f3c40ea136b4432d2541d97ef6f2

  • SHA512

    1784c486f08e67a15b2aad4c57055927acbef5354d1d11848212ecc8a83499afeee87579c49070ca60b62ccd0c74914cf23aa41220eb87127986e50c928df224

  • SSDEEP

    1536:nP+4zs2cPszL3MOtEvwDpj4Hy7B3g9CWuAxWLQI:m4Q2ckzIOtEvwDpj4HYv

Score
10/10
upx

Targets

    • Target

      2024-03-29_01bb0e22ada23acd462ad3393ebbabdf_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
