Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-03-29_ea25d6e042fbbdbcd53519bfe58bba1d_cryptolocker

  • Size

    63KB

  • Sample

    240329-erq2ksaa63

  • MD5

    ea25d6e042fbbdbcd53519bfe58bba1d

  • SHA1

    bbb887bf005d499284ab2e2b1262cb1b7df88e14

  • SHA256

    61ab4acf8f5df56aeae5bcde1df99ccff9923ddb63a4a4605be30b67115319d0

  • SHA512

    9a9bbc9067d3cf2dddf4ee89d9eebf88aaa1dcd52b0f904971f00e92ab0285c8b35c68dfc3a46eb6b986529aec5d35787a636436681fe2adefa114baac021726

  • SSDEEP

    768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mnVwfX7:zj+soPSMOtEvwDpj4kpmeLmnw7

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-03-29_ea25d6e042fbbdbcd53519bfe58bba1d_cryptolocker

    • Size

      63KB

    • MD5

      ea25d6e042fbbdbcd53519bfe58bba1d

    • SHA1

      bbb887bf005d499284ab2e2b1262cb1b7df88e14

    • SHA256

      61ab4acf8f5df56aeae5bcde1df99ccff9923ddb63a4a4605be30b67115319d0

    • SHA512

      9a9bbc9067d3cf2dddf4ee89d9eebf88aaa1dcd52b0f904971f00e92ab0285c8b35c68dfc3a46eb6b986529aec5d35787a636436681fe2adefa114baac021726

    • SSDEEP

      768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mnVwfX7:zj+soPSMOtEvwDpj4kpmeLmnw7

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks