Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

fa08961a54...JC.exe

windows7-x64

10

fa08961a54...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa08961a542b9c28e4180ace17a5ad28_gandcrab_JC.exe

  • Size

    145KB

  • Sample

    230815-veaf3acb63

  • MD5

    fa08961a542b9c28e4180ace17a5ad28

  • SHA1

    e7163580d636fd88de311e49b0b48069bf8635a4

  • SHA256

    07ad98f1b863912458084984f0353eec8df1fbe1b020ebb4092b25aca6491e3e

  • SHA512

    dc89bbd616a7e28aae7735e1ba696cf802f5ffc26f1c46ed5d712f99fabfbbe7c7e50226e631f2a0a19bdaaeb00ce77e01f89fd582dad13425ef946e3e6d759a

  • SSDEEP

    3072:MYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:MyOqqDL64vdGREz

Score
10/10
gandcrabbackdoorpersistenceransomware

Malware Config

Targets

    • Target

      fa08961a542b9c28e4180ace17a5ad28_gandcrab_JC.exe

    • Size

      145KB

    • MD5

      fa08961a542b9c28e4180ace17a5ad28

    • SHA1

      e7163580d636fd88de311e49b0b48069bf8635a4

    • SHA256

      07ad98f1b863912458084984f0353eec8df1fbe1b020ebb4092b25aca6491e3e

    • SHA512

      dc89bbd616a7e28aae7735e1ba696cf802f5ffc26f1c46ed5d712f99fabfbbe7c7e50226e631f2a0a19bdaaeb00ce77e01f89fd582dad13425ef946e3e6d759a

    • SSDEEP

      3072:MYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:MyOqqDL64vdGREz

    Score
    10/10
    gandcrabbackdoorpersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks