General

  • Target

    2024-06-06_bec9d5c58c87fc5d6033ea5c204e0430_cryptolocker

  • Size

    67KB

  • Sample

    240606-1e63xscc6z

  • MD5

    bec9d5c58c87fc5d6033ea5c204e0430

  • SHA1

    8524e1a2fd61cdc49410100e44ceab6de6c3d452

  • SHA256

    424e6095c1bb00a1106df238301074365e478236b0517f22835fccc4ff8e2eb6

  • SHA512

    62709d8b8451feeb9aec6a5748f61bfe35ff37515116a55124ed986a05a40c8d29cd987989454c03c3620ebb41e7875bf904b9a51b99a908837322b5fc565f57

  • SSDEEP

    1536:P8mnK6QFElP6n+gymddpMOtEvwDpjYZ8xZVg:1nK6a+qdOOtEvwDpjW

  • Score

    10/10

  • Tags

    upx

Targets

    • Target

      2024-06-06_bec9d5c58c87fc5d6033ea5c204e0430_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
