General

  • Target

    2024-04-22_cc87ff7ebd4ef4a12adcd81d6a6d66c9_cryptolocker

  • Size

    89KB

  • Sample

    240422-f1qylsgd4z

  • MD5

    cc87ff7ebd4ef4a12adcd81d6a6d66c9

  • SHA1

    468b0161737758f8531ef7290fb6cb396515bbd3

  • SHA256

    5e00795e3a3d1f7a03877fed059af937b892167054964786cd73963a54d7347c

  • SHA512

    bf8868eb57fc0bb3ad94adab4a213b5bc9995af4523a6a72504bd00b9513724eefbd234f68a05f1c491d6a3786d87b31afbc0673f1ea912980a4dba07c96db92

  • SSDEEP

    1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA2:n6a+1SEOtEvwDpjYYvQd2Pd

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
