General

  • Target

    8ad1e7e01d7947exeexeexeex.exe

  • Size

    145KB

  • Sample

    230709-m9zensdd6v

  • MD5

    8ad1e7e01d7947544a56b2f333a0d471

  • SHA1

    c0e3c05b728fa2421ef475bfbb25fa003c20056b

  • SHA256

    9dd1935fcac2161ef8dc46b31ae921529cddd9eefa3585549a56224aa27e6786

  • SHA512

    f186611d10c4c723c3a9679f1c72af02cde2245f9efef476749fc1d3bd711d90b335b2ccfc07ce4baee53fd16c3c9629e053a82b910021ecac3b968794a0a99d

  • SSDEEP

    3072:BYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:ByOqqDL64vdGREz

Targets

    • Target

      8ad1e7e01d7947exeexeexeex.exe

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
