Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-05-16_532295e6aa8fc61b7b169437db841375_cryptolocker

  • Size

    38KB

  • Sample

    240516-1bgc4ahc33

  • MD5

    532295e6aa8fc61b7b169437db841375

  • SHA1

    dd92797d2a5e88e9ac5ac701b7744297c1819c1f

  • SHA256

    4b943fcd1fad607a7d769f215743ddbd2b68242e5213f31d4fa87dc9f6b21a60

  • SHA512

    283ab773b6f47079d121aa79b02c83bfaf4fabbc86d3cb3249afb544bce467fc7942e64db243b2719e157fe8cf5db91398912840a22175e0ba43748836b8a3cc

  • SSDEEP

    768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axK3Ai:qUmnpomddpMOtEvwDpjjaYaQZ

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-16_532295e6aa8fc61b7b169437db841375_cryptolocker

    • Size

      38KB

    • MD5

      532295e6aa8fc61b7b169437db841375

    • SHA1

      dd92797d2a5e88e9ac5ac701b7744297c1819c1f

    • SHA256

      4b943fcd1fad607a7d769f215743ddbd2b68242e5213f31d4fa87dc9f6b21a60

    • SHA512

      283ab773b6f47079d121aa79b02c83bfaf4fabbc86d3cb3249afb544bce467fc7942e64db243b2719e157fe8cf5db91398912840a22175e0ba43748836b8a3cc

    • SSDEEP

      768:qUmnjFom/kLyMro2GtOOtEvwDpjeMLam5axK3Ai:qUmnpomddpMOtEvwDpjjaYaQZ

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks