General

  • Target

    2024-05-12_154dfc2a8b080efa2325450db484684f_cryptolocker

  • Size

    90KB

  • Sample

    240512-d32rsaed9v

  • MD5

    154dfc2a8b080efa2325450db484684f

  • SHA1

    474d7f2fb9fbf9b86681c7b7697f9e2d88e7290e

  • SHA256

    9922a3809ad2c481544186dd15b1cca8522884bafca885fc25e73a7d2cd0c5c2

  • SHA512

    04872ce5ad3f09731770fb9009b718faf40115103b4657708bc9a59e684a1a94ef25408a092873e8d899b13c35f97eef224e9b7a2836a2cdaac32405602d1d21

  • SSDEEP

    1536:n6QFElP6n+g9u9cvMOtEvwDpjYYTjipvF2bx1PQAA/U:n6a+1SEOtEvwDpjYYvQd2PT

Score
10/10
upx

Targets

    • Target

      2024-05-12_154dfc2a8b080efa2325450db484684f_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
