General

  • Target

    2024-05-28_a08dd1097036b66cbcfc7cf01dfa01c1_cryptolocker

  • Size

    24KB

  • Sample

    240528-a7sg5ahe28

  • MD5

    a08dd1097036b66cbcfc7cf01dfa01c1

  • SHA1

    58cbe3064c025c973f9056b68e65853f26989a6a

  • SHA256

    819455bddb490fbacdb831dbf60819fa706bf8b17ebf5a221485523972d78076

  • SHA512

    daafd630a3ce7f66bf7cb813ae5abe0fff65f8474a1326b8e7e35ffcbf822666e2d6e2532453bdbb6382c209f865b7df0ff88fb94bb00e63fa5baaad6433ffd0

  • SSDEEP

    384:bVCPwFRuFn65arz1ZhdaXFXSCVQTLfjDp6HMJ2v:bVCPwFRo6CpwXFXSqQXfjAsJU

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-28_a08dd1097036b66cbcfc7cf01dfa01c1_cryptolocker


    Score
    9/10

    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
