General

  • Target

    2024-04-30_a20b0bff9547a4cd3b07441c6e1f08eb_cryptolocker

  • Size

    64KB

  • Sample

    240430-dc76waae45

  • MD5

    a20b0bff9547a4cd3b07441c6e1f08eb

  • SHA1

    789e050005769a715b3b199c63a3dfc9aa2a1286

  • SHA256

    1285802afe2aa367443cf49cf03c7a11139d200e3fd2c9bb53457dd8b4152f4d

  • SHA512

    d51705967d47a1990efe3da01b5d952c5e3ca91bd2cff6105bb606c2cae0aafe88659a2c25d7006b7f74ed3e11fb0a33e9720db6fa2943ca825ed42d1e19d3a9

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYibAo3:1nK6a+qdOOtEvwDpjZ

Score
10/10
upx

Targets

    • Target

      2024-04-30_a20b0bff9547a4cd3b07441c6e1f08eb_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
