General
Target: 2024-01-25_e8de18fd73511aa4a7753be0a2e58bc7_gandcrab
Size: 145KB
Sample: 240125-ls3kbseaam
MD5: e8de18fd73511aa4a7753be0a2e58bc7
SHA1: bb4476b8a1c923dd431ca2958bdd12ea92938894
SHA256: 4331cae9c9d41849a5dee1eef5baabb0361fd34abffd09efb2f8eca2de4129d2
SHA512: ed96dbd3e1b39a2ad3a641f78d5d0f22e17a340f8a51adb1f822e0443a705e65546c76d74e4402399e7f9da6379d289bf252b68a30f39b9e2a2760ca24f45463
SSDEEP: 3072:+YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:+yOqqDL64vdGREz
Behavioral task: behavioral1
Sample: 2024-01-25_e8de18fd73511aa4a7753be0a2e58bc7_gandcrab.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 2024-01-25_e8de18fd73511aa4a7753be0a2e58bc7_gandcrab.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-01-25_e8de18fd73511aa4a7753be0a2e58bc7_gandcrab
Score: 10/10
GandCrab payload
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.