General

  • Target

    2024-04-18_c4f217d3dbb6508ad81666fd2dabe802_cryptolocker

  • Size

    88KB

  • Sample

    240418-fv871aca82

  • MD5

    c4f217d3dbb6508ad81666fd2dabe802

  • SHA1

    b98e1636dcf66d5d8e1a0d0cdc53647d74dccde0

  • SHA256

    fb001335afbb66bf1d0bd50fcb94d4465b4b0040a8224292adff3939b4c57c44

  • SHA512

    f5d328dedeae13421c2c80b0623aaab4f0cdf07fca0a6dd177203d4e43a6ed0ed3b119cfdfb68d72b8635feab41d30bbe05e6de099c2cc5d6f3509885be81f11

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgIk:AnBdOOtEvwDpj6zt

Score
10/10
upx

Targets

    • Target

      2024-04-18_c4f217d3dbb6508ad81666fd2dabe802_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
