Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-16_cc7d6aca6a99556baddb8d432368b86d_cryptolocker

  • Size

    89KB

  • Sample

    240416-kpmh9sdg35

  • MD5

    cc7d6aca6a99556baddb8d432368b86d

  • SHA1

    c0944e8cf4d2eb6fbd7dcf9ee0e91cf64d5f6ace

  • SHA256

    b26521fa55e9ddd02522294affcda1815c6c736387c718c1ff7a42559662ce7b

  • SHA512

    04e7219e584b53cd3408afa67c754be9b4faac32182cccc81d1a6ccf53abae11ecbc168aed576b707fdd5e0f0507009fb8b852ffe3d7c7dd820b102c707b31fb

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddH:AnBdOOtEvwDpj6zz

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-16_cc7d6aca6a99556baddb8d432368b86d_cryptolocker

    • Size

      89KB

    • MD5

      cc7d6aca6a99556baddb8d432368b86d

    • SHA1

      c0944e8cf4d2eb6fbd7dcf9ee0e91cf64d5f6ace

    • SHA256

      b26521fa55e9ddd02522294affcda1815c6c736387c718c1ff7a42559662ce7b

    • SHA512

      04e7219e584b53cd3408afa67c754be9b4faac32182cccc81d1a6ccf53abae11ecbc168aed576b707fdd5e0f0507009fb8b852ffe3d7c7dd820b102c707b31fb

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgddH:AnBdOOtEvwDpj6zz

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks