Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-24_edd9166edbf6fbc22b15afc7f9b8bf90_cryptolocker

  • Size

    38KB

  • Sample

    240424-b1qkmadg7t

  • MD5

    edd9166edbf6fbc22b15afc7f9b8bf90

  • SHA1

    e36cb39d54bb3b6cd83351c4affba09fd2210ee5

  • SHA256

    4105ca482dae3c6fba5eb44df4aec3795de037b52ba80f0973dd01c85b3cb88f

  • SHA512

    5943cd0696b6027166daabdd4f4743405f5863fc2d4e7b9a145aec54e9d1b9cba25152a07e72532361f46d56f58441c2fcc5a6014bad7cc3a39e16a9c3dea31d

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYR:qDdFJy3QMOtEvwDpjjWMl7T0

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-24_edd9166edbf6fbc22b15afc7f9b8bf90_cryptolocker

    • Size

      38KB

    • MD5

      edd9166edbf6fbc22b15afc7f9b8bf90

    • SHA1

      e36cb39d54bb3b6cd83351c4affba09fd2210ee5

    • SHA256

      4105ca482dae3c6fba5eb44df4aec3795de037b52ba80f0973dd01c85b3cb88f

    • SHA512

      5943cd0696b6027166daabdd4f4743405f5863fc2d4e7b9a145aec54e9d1b9cba25152a07e72532361f46d56f58441c2fcc5a6014bad7cc3a39e16a9c3dea31d

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYR:qDdFJy3QMOtEvwDpjjWMl7T0

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks