General

  • Target

    ff5a1c761c9fef48c031472614a51886

  • Size

    244KB

  • Sample

    220908-ycy87afeh7

  • MD5

    ff5a1c761c9fef48c031472614a51886

  • SHA1

    2d92b56d2c3b5af6b0cadc2092ddcec064a68efc

  • SHA256

    b544024ccaf2732cd3aa915b8d8db30ae568758ceabe02bb143bbe506a26fe0c

  • SHA512

    5e968e3201586ffb8df317611134a7999750f398c54ed23d5cc2dff109b3eaad97aa88628f936cd83637cf71548adc9f96b3bd382c21cde6ee2607683535a6a7

  • SSDEEP

    3072:Ji6ItbhTm5EJBBEDCNVuNwXiNtoU39qzNAjv2bZxglSv1OrSjfXw2ODF:Ji6ItdLjcCLSNmWt2bZQSdOrSjfXw2qF

Targets

    • Target

      ff5a1c761c9fef48c031472614a51886

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
