General

  • Target

    2024-06-02_958da012bd185b5676faec41cc41fdb9_cryptolocker

  • Size

    88KB

  • Sample

    240602-e9l6cabh26

  • MD5

    958da012bd185b5676faec41cc41fdb9

  • SHA1

    a879dd6a1c93418081a530b06599041d7b89f287

  • SHA256

    f34c13a2a6f92947c93dd3015c702862d7fc5d74d7791d0250eabdd85fc81aad

  • SHA512

    bb9fe6fe574a8209f231510f0b1a67efe271f8912b68a5302dc1f5b84b7161a4dd134311f98330fcebd512c404793e493c1a768b17ead2d83110da4d3f2324dc

  • SSDEEP

    768:qkmnjFom/kLyMro2GtOOtEvwDpjeY10Y/YMsvlMdwPK80GQuchoIgtIODZ:qkmnpomddpMOtEvwDpjJGYQbN/PKwMgX

Score
10/10
upx

Targets

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
