General

  • Target

    2024-04-20_62b89cde4629503c02210a385b551df6_cryptolocker

  • Size

    96KB

  • Sample

    240420-kefyqsce96

  • MD5

    62b89cde4629503c02210a385b551df6

  • SHA1

    f64ca65eea7680f940f6cc8a52d22d76964b5028

  • SHA256

    2f15c09dc613d992685f3de0c82a0170f2895e1ea04c465b253a14e5f9705c6c

  • SHA512

    fde0e9cdfc9b678ff70e15714aa7cb5d670fb67945a9d23b7d0f2439527bb22c19ce3dd62f473b5e26df3d23cf0f34b6445490e4d0f1625b205a3f572160856b

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYy9pL:AnBdOOtEvwDpj6zQ

Score
10/10
upx

Targets

    • Target

      2024-04-20_62b89cde4629503c02210a385b551df6_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
