Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-15_c86e753ecd2712a2f05f6a6291278235_cryptolocker

  • Size

    36KB

  • Sample

    240415-l8qkpsca28

  • MD5

    c86e753ecd2712a2f05f6a6291278235

  • SHA1

    64ca7fd4b10cee49ab9c334bc427a7b207a9bcd6

  • SHA256

    c7266d9f4a78f8871d9a56f7be6e9de591fe27c233e299836a43fa6b40b13c82

  • SHA512

    7b15efb19a4edc8c04e22b1621ec576b877369c1a5fc2a943fbe2c4724cdb08ac872415d48b56a7d65ef72e28119fa4a3528104257d2b400a9669bf6cbda942b

  • SSDEEP

    768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axKp:qUmnpomddpMOtEvwDpjjaYaq

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-15_c86e753ecd2712a2f05f6a6291278235_cryptolocker

    • Size

      36KB

    • MD5

      c86e753ecd2712a2f05f6a6291278235

    • SHA1

      64ca7fd4b10cee49ab9c334bc427a7b207a9bcd6

    • SHA256

      c7266d9f4a78f8871d9a56f7be6e9de591fe27c233e299836a43fa6b40b13c82

    • SHA512

      7b15efb19a4edc8c04e22b1621ec576b877369c1a5fc2a943fbe2c4724cdb08ac872415d48b56a7d65ef72e28119fa4a3528104257d2b400a9669bf6cbda942b

    • SSDEEP

      768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axKp:qUmnpomddpMOtEvwDpjjaYaq

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks