General

  • Target

    2024-04-18_5552d9c93ff3f4017866733bebaca569_cryptolocker

  • Size

    38KB

  • Sample

    240418-3dxtzahh77

  • MD5

    5552d9c93ff3f4017866733bebaca569

  • SHA1

    007c5cdf7c10f7992bafc008c77848ff1d954919

  • SHA256

    b2aeab69ae04328a88486b5b0478678a92a15bc3c230cf8a8e2e7ec179e8f560

  • SHA512

    350e73866e5622cc083de44e06d4b836b13109893f709b56c72a45705c9adeea593cba83d6eba2e5b3d90f06a8e7ae6fe70c8ba2ee6ca1f3e1cf89782e26b508

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYak:qDdFJy3QMOtEvwDpjjWMl7Tdk

Score
10/10
upx

Targets

    • Target

      2024-04-18_5552d9c93ff3f4017866733bebaca569_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
