General

  • Target

    2024-05-21_534003edc0cf10464fcaa6b66b8b8036_cryptolocker

  • Size

    68KB

  • Sample

    240521-s5t72saf95

  • MD5

    534003edc0cf10464fcaa6b66b8b8036

  • SHA1

    cd29699d53c6b16ada8fac25198472e411d8b214

  • SHA256

    4624aae5c3cd4d994d8dc3f800df640d667fbc3e88742874e0f21f4c3620bac9

  • SHA512

    6e322f107e5607b9f6d44ce262c8c7eea552741be4d14a0a824c9b63da63c752e5bfd95c01202635becc2e06e74d941fb605ac55a279731768e5ca0e537618f5

  • SSDEEP

    1536:quJu9cvMOtEvwDpjWYTjipvF2bx1PQAek:78SEOtEvwDpjWYvQd2Px

Score
10/10
upx

Targets

    • Target

      2024-05-21_534003edc0cf10464fcaa6b66b8b8036_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
