General

  • Target

    2024-06-29_4c0bdee5b79fb534344298fecd83829b_cryptolocker

  • Size

    40KB

  • Sample

    240629-axhvyawfmb

  • MD5

    4c0bdee5b79fb534344298fecd83829b

  • SHA1

    25f5b1a124dde7dbc6a4cc520d0ab2e6e7827164

  • SHA256

    9b73f10d6388baeee3591888ecd27eaf80150765b668fb97483c18f57e51f4e2

  • SHA512

    e8bae2c6dced421a6506c44ba3df55ef14001ef07ab3f1dd34ab2d25d7626db75fd7b7a453fda6e9ae8ea40501ab75aa96c34714cad761145368f36083485567

  • SSDEEP

    768:q7PdFecFS5agQtOOtEvwDpjeMLZdzuqpXsiE8Wq/DpkITYabDbGx:qDdFJy3QMOtEvwDpjjWMl7Tdyx

  • Score

    10/10

  • Tags

    upx

Targets

    • Target

      2024-06-29_4c0bdee5b79fb534344298fecd83829b_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
