General

  • Target

    2024-04-10_3769be4f198e9b264591b945b4d87be5_cryptolocker

  • Size

    117KB

  • Sample

    240410-t3aw3aea38

  • MD5

    3769be4f198e9b264591b945b4d87be5

  • SHA1

    7edf4eb2cfe39d72ab294387cbf1d5c185e8e948

  • SHA256

    ca049f65bd35375f5219be8d64ffe83ec8560e921631b30c032388e057460925

  • SHA512

    7deecaf5a2512c7e7e31308810846a8b5f5b262d373d1cf56abae33324a1db97e5e3dc3581b6a3c183909bceb4ced10a6f2b22da997c28bfdf48951dedb4f33d

  • SSDEEP

    1536:z6QFElP6n+gKmddpMOtEvwDpj3GYQbN/PKwNgpYICSC:z6a+CdOOtEvwDpjczl

  • Score

    10/10

upx

Targets

    • Target

      2024-04-10_3769be4f198e9b264591b945b4d87be5_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
