General

  • Target

    2024-06-16_8d092c6c9946b687db09ec894813eed3_cryptolocker

  • Size

    41KB

  • Sample

    240616-rwfgvswhrd

  • MD5

    8d092c6c9946b687db09ec894813eed3

  • SHA1

    ebeeaa4e4216535d7ab9cf06f238824057f6bf02

  • SHA256

    8f7e8810121b11948c5a2ec578907c78329aa95a7967bdf43604e283522bc4a7

  • SHA512

    d7fa1688f32d977f93cf0ac033afffb918d2b3d68c379714277004388dccb7aaec64e1f41c922466805fb37d958c94561ac8522f44fb8cee5bab07026967aaad

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYL:qDdFJy3QMOtEvwDpjjWMl7TS

Score
10/10
upx

Targets

    • Target

      2024-06-16_8d092c6c9946b687db09ec894813eed3_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
