Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-05-27_5120f104b3f69b5866a376e61bd37233_cryptolocker

  • Size

    59KB

  • Sample

    240527-wmldzade88

  • MD5

    5120f104b3f69b5866a376e61bd37233

  • SHA1

    7d3f2c442edd0a455c9d726c96f98821be1a6f68

  • SHA256

    f2d913398fe248a5acab694fe282b1e572aa82e038557ee8fff0aa3b433f56aa

  • SHA512

    3462d3cd0710080fe1348ec4758b53490cade34392c100e0862710be782a537708b6d7a0943f00d9bfd1075974483d861fcc96953939c561be66a7efc4afaabc

  • SSDEEP

    768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPj9:H6QFElP6n+gou9cvMOtEvwDpjCpVXA

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-27_5120f104b3f69b5866a376e61bd37233_cryptolocker

    • Size

      59KB

    • MD5

      5120f104b3f69b5866a376e61bd37233

    • SHA1

      7d3f2c442edd0a455c9d726c96f98821be1a6f68

    • SHA256

      f2d913398fe248a5acab694fe282b1e572aa82e038557ee8fff0aa3b433f56aa

    • SHA512

      3462d3cd0710080fe1348ec4758b53490cade34392c100e0862710be782a537708b6d7a0943f00d9bfd1075974483d861fcc96953939c561be66a7efc4afaabc

    • SSDEEP

      768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPj9:H6QFElP6n+gou9cvMOtEvwDpjCpVXA

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks