Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3e9bbf6f8d49eba0d03ee866d05d4264_mafia_JC.exe
-
Size
308KB
-
Sample
230802-wmteksgd72
-
MD5
3e9bbf6f8d49eba0d03ee866d05d4264
-
SHA1
fd27e867dee3f81afacf26b280b9cc4202621704
-
SHA256
ad02a3c263d73d1e065bda64104b6901341c8716cc57b27b1819b76438fc409e
-
SHA512
ac575d340eb6c88d2ca1a7be79f0b328b3d6760aeb09f99651bc3f858610cd3525ab909ce55288b1424cc27f44dbaf830fa3282e3fe4b39147f730ae56667521
-
SSDEEP
6144:7zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:pDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
3e9bbf6f8d49eba0d03ee866d05d4264_mafia_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
3e9bbf6f8d49eba0d03ee866d05d4264_mafia_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
3e9bbf6f8d49eba0d03ee866d05d4264_mafia_JC.exe
-
Size
308KB
-
MD5
3e9bbf6f8d49eba0d03ee866d05d4264
-
SHA1
fd27e867dee3f81afacf26b280b9cc4202621704
-
SHA256
ad02a3c263d73d1e065bda64104b6901341c8716cc57b27b1819b76438fc409e
-
SHA512
ac575d340eb6c88d2ca1a7be79f0b328b3d6760aeb09f99651bc3f858610cd3525ab909ce55288b1424cc27f44dbaf830fa3282e3fe4b39147f730ae56667521
-
SSDEEP
6144:7zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:pDHNam62ZdKmZmuPH
Score10/10-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-