General

  • Target

    2024-04-05_6ace1909b66e50b571440485fd8ded79_cryptolocker

  • Size

    117KB

  • Sample

    240405-s29tbsfg8w

  • MD5

    6ace1909b66e50b571440485fd8ded79

  • SHA1

    eaee3e4b9321b413459da0be45d787b63e744f49

  • SHA256

    cf488cd3731d05806b7334b2e6f8b57d947eab17d439be0c0be58b9e9f506a0d

  • SHA512

    2a0666edfba678010326ed32301fdd5f99d68e996d7561230dbc7ad3c128baeb942980e29f9b12291e454d0e8e985c26b65d44b7e3a61ae6d89188f6ac61bb2c

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgp010:z6a+CdOOtEvwDpjczi

Score
10/10
upx

Targets

    • Target

      2024-04-05_6ace1909b66e50b571440485fd8ded79_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
