Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-01-28_ebe9a9d5de78dfda32a325fc76aa3c8e_gandcrab
-
Size
145KB
-
Sample
240128-vchpnaeaa4
-
MD5
ebe9a9d5de78dfda32a325fc76aa3c8e
-
SHA1
75e6ae43295989aa20e0017b0a54048a32f4eaef
-
SHA256
ffe2c408eb3f673e26fe7e2f50ad97f2bdabf71d445b139d85c8eae0c903489a
-
SHA512
606fc1f6f6bbfbd06e71b973764a71dfad4f8461b2e5877e33a1325a09ee1bfe017d721b92295b7504fd28f356c4edfb1f775d1a7d185bbcbddfa03494211736
-
SSDEEP
3072:lYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:lyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-01-28_ebe9a9d5de78dfda32a325fc76aa3c8e_gandcrab.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-28_ebe9a9d5de78dfda32a325fc76aa3c8e_gandcrab.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-28_ebe9a9d5de78dfda32a325fc76aa3c8e_gandcrab
-
Size
145KB
-
MD5
ebe9a9d5de78dfda32a325fc76aa3c8e
-
SHA1
75e6ae43295989aa20e0017b0a54048a32f4eaef
-
SHA256
ffe2c408eb3f673e26fe7e2f50ad97f2bdabf71d445b139d85c8eae0c903489a
-
SHA512
606fc1f6f6bbfbd06e71b973764a71dfad4f8461b2e5877e33a1325a09ee1bfe017d721b92295b7504fd28f356c4edfb1f775d1a7d185bbcbddfa03494211736
-
SSDEEP
3072:lYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:lyOqqDL64vdGREz
Score10/10-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-