Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-22_df366692aa399ed352c4a884b7644e51_cryptolocker

  • Size

    96KB

  • Sample

    240422-f45wyagc94

  • MD5

    df366692aa399ed352c4a884b7644e51

  • SHA1

    61249d74c0a77da8172335c6eb6c98aa8466e281

  • SHA256

    61c7b3e79d53bae55e2aa1cc159842fe1057558b4a3edcb24144fb75972946cd

  • SHA512

    fa1646ac51e2d5426e55f7e549837f7cb1b2de201911fc7f1d458fc5f81a1af5ebe59ca71009bb7ce9cecbef15bef0cfd4544d971f29ac4cefc9ba3ef70f9428

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/by:zCsanOtEvwDpjB+

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-22_df366692aa399ed352c4a884b7644e51_cryptolocker

    • Size

      96KB

    • MD5

      df366692aa399ed352c4a884b7644e51

    • SHA1

      61249d74c0a77da8172335c6eb6c98aa8466e281

    • SHA256

      61c7b3e79d53bae55e2aa1cc159842fe1057558b4a3edcb24144fb75972946cd

    • SHA512

      fa1646ac51e2d5426e55f7e549837f7cb1b2de201911fc7f1d458fc5f81a1af5ebe59ca71009bb7ce9cecbef15bef0cfd4544d971f29ac4cefc9ba3ef70f9428

    • SSDEEP

      1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/by:zCsanOtEvwDpjB+

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks