General

  • Target

    2024-05-09_3ad291f5ae2ab784fdabccb4f3d77a7f_cryptolocker

  • Size

    38KB

  • Sample

    240509-d9mlfabe98

  • MD5

    3ad291f5ae2ab784fdabccb4f3d77a7f

  • SHA1

    7534ac3f9ff44c550a30bcfd3be4c38f171dc997

  • SHA256

    9f57d1263ac7b39cfd1cbcd6bcebd406590a52f00d66f68134c5794562412490

  • SHA512

    830f734a9763a24264a9b476b793e16effc31cadaf860f583d2da9b8527e351a99679c17785fbe0a3c6786c9af61793365a4e08b3844927b0db972e12cfaf737

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY2:qDdFJy3QMOtEvwDpjjWMl7Tv

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
