General

  • Target

    2024-04-30_663fc31ea8e1fc5623b3c03817d2b232_cryptolocker

  • Size

    65KB

  • Sample

    240430-xvjqsaea5v

  • MD5

    663fc31ea8e1fc5623b3c03817d2b232

  • SHA1

    ff8cae4428a4daa1fcf6a07cd5c6d670eab4b2b7

  • SHA256

    fc9e09a5107cd542f3b39ca4115403adcd6a7e57c8194d33ef83d9deb803d2c0

  • SHA512

    5de0947ceef57ef2893150fdc7c27fcb82e0e6cf12b26873bd4659d7825502792a2917eeefd7b765c8abce849d5f413ce5bdff2b4bb1c85b1ea23ff196b0f256

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xDyv:1nK6a+qdOOtEvwDpj8

Score
10/10
upx

Targets

    • Target

      2024-04-30_663fc31ea8e1fc5623b3c03817d2b232_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
