General

  • Target

    2024-05-24_30102a51a5c61b8593d906cd38258842_cryptolocker

  • Size

    73KB

  • Sample

    240524-d379kabe78

  • MD5

    30102a51a5c61b8593d906cd38258842

  • SHA1

    b03ec5db2db42892317434a9ce184a7f6462d1fc

  • SHA256

    c31d47f2a87ff37bbed99186e4c2c416ab3aab4bdc13d1ef6c8f0a66f1a078a8

  • SHA512

    ab35e9755a5d31a6381c97a6dafbd1c51bc4ba8f02aeb307c2ce805c69547a782f9b405c523371e308d0296449e229f00c5bd15614574f4db9d00aee96df00e1

  • SSDEEP

    1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs9Vo:C4Q2c94OtEvwDpj4H8zT

Score
10/10
upx

Targets

    • Target

      2024-05-24_30102a51a5c61b8593d906cd38258842_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
