General

  • Target

    2024-05-13_1e9a84c7edc546ca3617c1b1e61a29a4_cryptolocker

  • Size

    78KB

  • Sample

    240513-plv4fsfb54

  • MD5

    1e9a84c7edc546ca3617c1b1e61a29a4

  • SHA1

    7da09c1c417d1ce26b495da5e95431e2800b525e

  • SHA256

    3c8bb7241bec12f1e28786bb466483c2827e6686e7cd31bd2ff5bfbeb90b8d07

  • SHA512

    d90056b4a754bf8c4d5baeb553fadccf39fa87215477611b4871e0b49f2331ca69f7b74f348ff30c83d26075d0268016217859004f94757099e8eb399d320652

  • SSDEEP

    1536:T6QFElP6n+gxmddpMOtEvwDpjwaxTNUOAkXtBdxPUxB1H:T6a+rdOOtEvwDpjNtHPc

Score
10/10
upx

Targets

    • Target

      2024-05-13_1e9a84c7edc546ca3617c1b1e61a29a4_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
