General

  • Target

    2024-04-19_c18103db978ebc6748511b8356643bbb_cryptolocker

  • Size

    96KB

  • Sample

    240419-jhx6rada4s

  • MD5

    c18103db978ebc6748511b8356643bbb

  • SHA1

    917655abc16e578d48d437ec40e430576a1c1580

  • SHA256

    c770edf30cad35647eae9a72286bdea8c1c7e22b5251f3db5a3bf476bda16c36

  • SHA512

    922241f8439e4187c9569ed61b75e74ae1737ad7080d8a4a586dd2855169caed7d3a6764a79bf11ba09568fe45a56d6cbfca7013b23e3def14e6beec8bcbb870

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/bC:zCsanOtEvwDpjB+

Score
10/10
upx

Targets

    • Target

      2024-04-19_c18103db978ebc6748511b8356643bbb_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
