General

  • Target

    2024-05-15_167f481a15c2e7a3f0ff2177a7f62ecd_cryptolocker

  • Size

    33KB

  • Sample

    240515-w3zarsde2y

  • MD5

    167f481a15c2e7a3f0ff2177a7f62ecd

  • SHA1

    78785b0c9452a3e5d019722f3acfbdffe2f379c7

  • SHA256

    3116b22af5baceb668e44ff3c21bbf0b4cec15e4976c647b14799269552be9af

  • SHA512

    6d390d0e601e9bdb40c8311a3c3614c385bb04a5ae83ca56a718ee49070adb3dc8d7b67ed16626d1b64af47d7a302d02952783e8b0ef840b23d7da0768d46a29

  • SSDEEP

    768:bFPm5zusFUB2preAr+Ofjg0S16avdrQFiLjJvtXkP:bFPmpiif/oc+vXkP

  • Score

    10/10

  • Tags

    upx

Targets

    • Target

      2024-05-15_167f481a15c2e7a3f0ff2177a7f62ecd_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
