General

  • Target

    2024-06-05_f8aec2faf3f15e6284aa45ce6548992b_cryptolocker

  • Size

    40KB

  • Sample

    240605-g492bshb52

  • MD5

    f8aec2faf3f15e6284aa45ce6548992b

  • SHA1

    cc7db7b3e8a47c3df2392cf3f9963ac68e6f31c8

  • SHA256

    b3f19e8412d8073bf650cc6a9be86fd2538080960e76861122dbe89d8de206c2

  • SHA512

    de24b13baf1b74ea9a31d5271776a23b3c4c2e3744ef908fd54f5da5ae05b897fe6b3ef257ee30f0eb991bbcedc1c1ce7887502d912c16069e82aedf028a6cb9

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITY9Xm:qDdFJy3QMOtEvwDpjjWMl7TV

Score
10/10
upx

Targets

    • Target

      2024-06-05_f8aec2faf3f15e6284aa45ce6548992b_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
