General

  • Target

    2024-05-25_c38b60dc32d8fcd469456ab13d8d81f7_cryptolocker

  • Size

    40KB

  • Sample

    240525-2kplhada4y

  • MD5

    c38b60dc32d8fcd469456ab13d8d81f7

  • SHA1

    e4a7478debe6448c97c4bf0f5f2ad94bc4237579

  • SHA256

    ca74d371515ec859319c06c21607ec1864ff5a2197745a7b7c17d7ca082a3243

  • SHA512

    53d0f8f0f2731af41bc398dc1e706dfa139a952182c4cee983787fe1e8cf1bbde52162b27884752d0f790924e577f510f19204b929c095dc452d90ddfe594b80

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY91:qDdFJy3QMOtEvwDpjjWMl7T+

  • Score

    10/10

    upx

Malware Config

Targets

    • Target

      2024-05-25_c38b60dc32d8fcd469456ab13d8d81f7_cryptolocker

    • Size

      40KB

    • MD5

      c38b60dc32d8fcd469456ab13d8d81f7

    • SHA1

      e4a7478debe6448c97c4bf0f5f2ad94bc4237579

    • SHA256

      ca74d371515ec859319c06c21607ec1864ff5a2197745a7b7c17d7ca082a3243

    • SHA512

      53d0f8f0f2731af41bc398dc1e706dfa139a952182c4cee983787fe1e8cf1bbde52162b27884752d0f790924e577f510f19204b929c095dc452d90ddfe594b80

    • SSDEEP

      768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY91:qDdFJy3QMOtEvwDpjjWMl7T+

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
