General

  • Target

    2024-05-25_3f6608a76f5a90f207bf872fce8a5b96_cryptolocker

  • Size

    81KB

  • Sample

    240525-f5yh9afg4x

  • MD5

    3f6608a76f5a90f207bf872fce8a5b96

  • SHA1

    6192edf74b77dcf92b67539f3dfe8246dc5d7257

  • SHA256

    30de18802fc9233ff077a434daffc2c79cf6b2817dbf010dd2e5be80ef28f38d

  • SHA512

    dc3af75250af2cf6def8ecdeb24c96162e48b9c97ad3f31bb8bb2c71286655d1f51d9fcf65d71d736c2274b7a0600a80bb3e891234fd0e6cffa5e662e8b96a9b

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJ0tq1ky7QM:zCsanOtEvwDpjo

Score
10/10
upx

Targets

    • Target

      2024-05-25_3f6608a76f5a90f207bf872fce8a5b96_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
