General

  • Target

    2024-05-25_055854618d866cd4d3e4766665c0b5f9_cryptolocker

  • Size

    58KB

  • Sample

    240525-eznw7aec4x

  • MD5

    055854618d866cd4d3e4766665c0b5f9

  • SHA1

    99a74642bbb716be8dcf0c6e235c62dd1109dc7b

  • SHA256

    fd0c39016af954ed80a66cda7dd20f376f0dff4e2f445996d6095007922b87f0

  • SHA512

    418bf069031db13ec79d9a84ff1e320fdf5882e1fa758886b073927df34a6d03d2e83d2748f83e1627f3f136606a5df4d7770b283bbc4820aa5e805cac6661f2

  • SSDEEP

    1536:qmbhXDmjr5MOtEvwDpj5cDtKkQZQRKb6Impya:BbdDmjr+OtEvwDpjM9

Score
10/10

Targets

    • Target

      2024-05-25_055854618d866cd4d3e4766665c0b5f9_cryptolocker

    Score
    9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
