Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-05-01_1170e3c347fec70e64a702cd0674706a_cryptolocker

  • Size

    38KB

  • Sample

    240501-yvhzxshf57

  • MD5

    1170e3c347fec70e64a702cd0674706a

  • SHA1

    181d1001a5a11cfb3f2d427705cd1c01e94a25f2

  • SHA256

    4e928a64a1109436f99277447561be4ebf689edcbf5e52ed60a397f871ca1a10

  • SHA512

    9b188298aa0d3d5337dc55892be8a6f6780ed3f266c7d829cd6ce62b302146ed11d792e602df5c9ce36dda76cbc9c83562bbaa419f1525e51c9349928e8519b9

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYO:qDdFJy3QMOtEvwDpjjWMl7TP

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-01_1170e3c347fec70e64a702cd0674706a_cryptolocker

    • Size

      38KB

    • MD5

      1170e3c347fec70e64a702cd0674706a

    • SHA1

      181d1001a5a11cfb3f2d427705cd1c01e94a25f2

    • SHA256

      4e928a64a1109436f99277447561be4ebf689edcbf5e52ed60a397f871ca1a10

    • SHA512

      9b188298aa0d3d5337dc55892be8a6f6780ed3f266c7d829cd6ce62b302146ed11d792e602df5c9ce36dda76cbc9c83562bbaa419f1525e51c9349928e8519b9

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYO:qDdFJy3QMOtEvwDpjjWMl7TP

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks