General

  • Target

    2024-06-15_ecce43abb051280b272162f99549bfd6_cryptolocker

  • Size

    59KB

  • Sample

    240615-jlwgbswerq

  • MD5

    ecce43abb051280b272162f99549bfd6

  • SHA1

    ed247fc7adb77036a5fce8b7885b84673a41c332

  • SHA256

    fb8ec63711aed81d81e846bbd2dd337e70cea667d6e220c1442122a91c905043

  • SHA512

    0b8480d6afab109ac823f50c5da9ec42deea171a2a0701349321888128ee04f4c7081820cd002224f6aecddf645a5bbcfd71e41df101d93e437b4dee1278d3b5

  • SSDEEP

    768:z6LsoEEeegiZPvEhHSG+gzum/kLyMro2GtOOtEvwDpj/YMLam5ax+N8:z6QFElP6n+gKmddpMOtEvwDpj9aYaz

Score
10/10
upx

Targets

    • Target

      2024-06-15_ecce43abb051280b272162f99549bfd6_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
