General
-
Target
2024-01-18_7e0e1667c56b5cdb2e15b1d587cb3bec_mafia
-
Size
351KB
-
Sample
240118-2x3znaedd3
-
MD5
7e0e1667c56b5cdb2e15b1d587cb3bec
-
SHA1
00af78ee959a02f48fbc5a9d21289797da49badb
-
SHA256
00611d90e3cfc5db22ce7ddab3e26bc7b0aee03ba5c57a88834e6c29fe59277e
-
SHA512
4fda9c1b70fafb72c95dc8a5c7efebf68e06cf797df52d2d0944921fbcf982cc713de11ba4c06db2141b07166ba6d7ee254d5753f7c20713ca22e54131e9ae5f
-
SSDEEP
3072:rpNMs+Kr1wbWGjl0xjsNNeVKBNVBxKT46xl+wndfIQQOaC3QBn7/hsb2BhGZ1/Nb:rpNMsLWEjsXjBATRpuuwnGD/Nj6a
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-18_7e0e1667c56b5cdb2e15b1d587cb3bec_mafia.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-01-18_7e0e1667c56b5cdb2e15b1d587cb3bec_mafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-