General

  • Target

    3e9bbf6f8d49eba0d03ee866d05d4264_mafia_JC.exe

  • Size

    308KB

  • Sample

    230802-wmteksgd72

  • MD5

    3e9bbf6f8d49eba0d03ee866d05d4264

  • SHA1

    fd27e867dee3f81afacf26b280b9cc4202621704

  • SHA256

    ad02a3c263d73d1e065bda64104b6901341c8716cc57b27b1819b76438fc409e

  • SHA512

    ac575d340eb6c88d2ca1a7be79f0b328b3d6760aeb09f99651bc3f858610cd3525ab909ce55288b1424cc27f44dbaf830fa3282e3fe4b39147f730ae56667521

  • SSDEEP

    6144:7zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:pDHNam62ZdKmZmuPH

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
