General

  • Target

    2024-04-15_d1fbaf2b042a319863342fee1d9e854e_cryptolocker

  • Size

    36KB

  • Sample

    240415-zs8m8sgc45

  • MD5

    d1fbaf2b042a319863342fee1d9e854e

  • SHA1

    39182569bb5c4310670884f0e5bdcb9f23815ec7

  • SHA256

    099f2c9f341e07bf055d481973759aa2b1f3a86a71ee3817ce046cd11712c894

  • SHA512

    ce3ec0b6bf7c4e81008795f1b302bbe8a0671f1f77061f9f3d31bf0e079c08e75f3e9aec06aaeba68c054fe2e5adb8cceb32512c4161df414b519cd53f7aa357

  • SSDEEP

    768:b7W5A8WtijKeOcfXor3BPOz5CFBmNuFgM:b7W5AWjTGx02

Score: 10/10
Tags: upx

Targets

    • Target

      2024-04-15_d1fbaf2b042a319863342fee1d9e854e_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
