General

  • Target

    2024-05-24_fa64b2944373f55f8816c6ef3d226853_cryptolocker

  • Size

    73KB

  • Sample

    240524-qr9dpsfg2w

  • MD5

    fa64b2944373f55f8816c6ef3d226853

  • SHA1

    bc0a066ac49eb562651103201d42b5880a15d2e6

  • SHA256

    e95cc2307444ecd53c50abf7cdcbb25ea1bce6850ac3ed5cd988c923f3cf0939

  • SHA512

    c585fe991e74479b6cc63722ea87e3b91d0c5364b2f0e541673c1bb1a8ad27115558dfbffb0af11cb67f0f8ef9cc4de02760329b5fe3b3ba92bfc93a27cfbe6d

  • SSDEEP

    1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs975:C4Q2c94OtEvwDpj4H8zs

Score
10/10
upx

Targets

    • Target

      2024-05-24_fa64b2944373f55f8816c6ef3d226853_cryptolocker

    • Size

      73KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
