General

  • Target

    2024-04-30_21c0a081658f024a30ad731ebef9831d_cryptolocker

  • Size

    81KB

  • Sample

    240430-c1j9aaaa79

  • MD5

    21c0a081658f024a30ad731ebef9831d

  • SHA1

    09e9b91402ca06cede822327aa2f4682d2197dd5

  • SHA256

    b88f884e4fedc3e7f632d4f82f3b6182cb16e1567a3cb648e75d1f34329ab344

  • SHA512

    6457ff268e54646ae3b9a880c9d5c8bca8b2412f42d898ed07858ac34768b814d2b090ba86c0dc1948a2fc414e7b62362f65b94055688a2799af032668e374a4

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7Qp2CEb:zCsanOtEvwDpjw

Score
10/10
upx

Targets

    • Target

      2024-04-30_21c0a081658f024a30ad731ebef9831d_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
