Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

3cf13441ba...1d.exe

windows7-x64

6

3cf13441ba...1d.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3cf13441ba5e165c6b39e487518c7403e0a00abeb26f469c31f8eb16039d9b1d

  • Size

    73KB

  • Sample

    221030-ex8htacggl

  • MD5

    426cdf9391e91416a163974d451454fb

  • SHA1

    c8cf38de581b1cba597b4b3a1451b5bbe1013490

  • SHA256

    3cf13441ba5e165c6b39e487518c7403e0a00abeb26f469c31f8eb16039d9b1d

  • SHA512

    ccf5a2feeb9cb270eccb420f4388bf5210d696fac023bb26ed57c8bd1f595fa6b3842e6aaddc1da9f0fd36b608abb2494c5005f299b799235c821439865eab56

  • SSDEEP

    1536:P55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:7MSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabpersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      3cf13441ba5e165c6b39e487518c7403e0a00abeb26f469c31f8eb16039d9b1d

    • Size

      73KB

    • MD5

      426cdf9391e91416a163974d451454fb

    • SHA1

      c8cf38de581b1cba597b4b3a1451b5bbe1013490

    • SHA256

      3cf13441ba5e165c6b39e487518c7403e0a00abeb26f469c31f8eb16039d9b1d

    • SHA512

      ccf5a2feeb9cb270eccb420f4388bf5210d696fac023bb26ed57c8bd1f595fa6b3842e6aaddc1da9f0fd36b608abb2494c5005f299b799235c821439865eab56

    • SSDEEP

      1536:P55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:7MSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.