Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

93f1059dac...ex.exe

windows7-x64

10

93f1059dac...ex.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    93f1059dac0c6cexeexeexeex.exe

  • Size

    126KB

  • Sample

    230709-nbbfmacf87

  • MD5

    93f1059dac0c6cf2c479fb0082b8abd4

  • SHA1

    501bce59628a1bf50bb5c019c0c598d261c00030

  • SHA256

    7e72ec0fd0bef70368df45ea039c7f4b8aba55969d99b1e531b65b9356675b86

  • SHA512

    2449600547c414d619fb5bc95058a0b89480b8ad9a34b82350a81a213b4c575754747dba0ab65bb20247ac67ea25637a480ae1398fe8306c8b14ee094b04e3e1

  • SSDEEP

    1536:gZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHks:OBounVyFHFMqqDL2/LgHkc2oYvQd2a

Score
10/10
gandcrabbackdoorpersistenceransomwareupx

Malware Config

Targets

    • Target

      93f1059dac0c6cexeexeexeex.exe

    • Size

      126KB

    • MD5

      93f1059dac0c6cf2c479fb0082b8abd4

    • SHA1

      501bce59628a1bf50bb5c019c0c598d261c00030

    • SHA256

      7e72ec0fd0bef70368df45ea039c7f4b8aba55969d99b1e531b65b9356675b86

    • SHA512

      2449600547c414d619fb5bc95058a0b89480b8ad9a34b82350a81a213b4c575754747dba0ab65bb20247ac67ea25637a480ae1398fe8306c8b14ee094b04e3e1

    • SSDEEP

      1536:gZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHks:OBounVyFHFMqqDL2/LgHkc2oYvQd2a

    Score
    10/10
    gandcrabbackdoorpersistenceransomwareupx

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks