General

  • Target

    2024-06-08_638947c6a48ee05b1c2a45265ccce8fb_cryptolocker

  • Size

    52KB

  • Sample

    240608-dzpm2sgc8w

  • MD5

    638947c6a48ee05b1c2a45265ccce8fb

  • SHA1

    44fba1964585c8c502843fd0dec0482da743e408

  • SHA256

    4eb2fec9afa90fd0e2dcf044f0d0d7b9df8eac6d8b6a48c8e31bf86ff784db4c

  • SHA512

    e34e4b2d25d531558191bf4407ff0c364b3b1a230d63a469514b369ee26b5271e6a24f98952382c159b1dff2b17f16826171a7689b445eb647c9c41c4a393ba9

  • SSDEEP

    768:bODOw9UiamWUB2preAr+OfjH/0S16avdrQFiLjJvtOJ:bODOw9acifAoc+vu

Score
10/10
upx

Targets

    • Target

      2024-06-08_638947c6a48ee05b1c2a45265ccce8fb_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
