Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-04-25_f6525db6b2e96d6a82bcec671dfa4cac_cryptolocker

  • Size

    95KB

  • Sample

    240425-myabeaaa6y

  • MD5

    f6525db6b2e96d6a82bcec671dfa4cac

  • SHA1

    751f5b13141889744fe39efe22917cf6f88838de

  • SHA256

    3c5a47566d482f673b40b2694d9e398d0ac8de5b47672817c095d7da723ced91

  • SHA512

    afc3d17660b04e6e86ea991d3e27850ae92eb787973c9bb5a2c6956b10a0baf6c791abd614ba05a8033a0735ba470250145c3054022b97ecd28f619639bfcad5

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYIb:AnBdOOtEvwDpj6zA

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-04-25_f6525db6b2e96d6a82bcec671dfa4cac_cryptolocker

    • Size

      95KB

    • MD5

      f6525db6b2e96d6a82bcec671dfa4cac

    • SHA1

      751f5b13141889744fe39efe22917cf6f88838de

    • SHA256

      3c5a47566d482f673b40b2694d9e398d0ac8de5b47672817c095d7da723ced91

    • SHA512

      afc3d17660b04e6e86ea991d3e27850ae92eb787973c9bb5a2c6956b10a0baf6c791abd614ba05a8033a0735ba470250145c3054022b97ecd28f619639bfcad5

    • SSDEEP

      1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgpYIb:AnBdOOtEvwDpj6zA

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks