General

  • Target

    2024-06-01_a8391e40fd49dd362044ade1b9694765_cryptolocker

  • Size

    40KB

  • Sample

    240601-qw9v2adf6y

  • MD5

    a8391e40fd49dd362044ade1b9694765

  • SHA1

    423593e69ddd3a78973b775f55ad413ac3261f87

  • SHA256

    e59746a9806739913f29baca31a4aeac0e7091d5565fbcb8b21519d461e588df

  • SHA512

    1cf3e7c6997a631baa2310e8fe0962b20538ba9bb9055cf44b67af2424e40da3e151ef6fd6bd487c3c08999925e709d1d99e5c83d8573b455bd0f3b15c1682ba

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYX5b:qDdFJy3QMOtEvwDpjjWMl7TQ

Score
10/10
upx

Targets

    • Target

      2024-06-01_a8391e40fd49dd362044ade1b9694765_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
