General

  • Target

    2024-05-11_f4c6732e6082f572e97d548403f578d7_cryptolocker

  • Size

    88KB

  • Sample

    240511-rxprxsbg7w

  • MD5

    f4c6732e6082f572e97d548403f578d7

  • SHA1

    8200660db4677ac3e2e3b84a73301cc4818d2697

  • SHA256

    49d0edb6a97b487d8c68bff3e6d02ecd001cc3f6372ed4b431ac32be408947d3

  • SHA512

    3fa3d32f43f7a669391eb2b184ad5cb68e55cc808e2f4d47e033d8f76433b5caff012ac6ea3b1f3c80a9dcf86cc540139dcf60659e0f180af64e4c9aea93e9f2

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgQq:AnBdOOtEvwDpj6zl

Score
10/10
upx

Targets

    • Target

      2024-05-11_f4c6732e6082f572e97d548403f578d7_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
