General

  • Target

    2024-05-29_aa71597e3dbeb4accf35ac989307f8b9_cryptolocker

  • Size

    95KB

  • Sample

    240529-e8cwaaaf5z

  • MD5

    aa71597e3dbeb4accf35ac989307f8b9

  • SHA1

    43e63c09d325ae2cf9c142651b21c2db3cd4391c

  • SHA256

    a97c3e527f4fa0465ad13ae5eae6d07be0a6ccc4350cdb9d1f61b850b9f795d9

  • SHA512

    95f41ebcdac886b6f34b231f8de887216764b5e862f760a575cd99b02e531db2f0c5b7cd585b2b0cbc899d197513a0abe343c0c56f799e8b8595e4797875c03c

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+S:AnBdOOtEvwDpj6z1

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-05-29_aa71597e3dbeb4accf35ac989307f8b9_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
