Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-04_b2ded7bf639ec8bce0ef92c2f34d32bd_gandcrab
-
Size
97KB
-
Sample
240204-eel7vsghd9
-
MD5
b2ded7bf639ec8bce0ef92c2f34d32bd
-
SHA1
524efab304ee5530a39f503d64bf4f54627aa2c4
-
SHA256
2e3ff87d47b1b7ee691c09781a711bd9a9bf818adb66550026e19561ec075c26
-
SHA512
0331ad9d3222db50fa0acda9a3accbf86a4c043b6439eb94114db02bba36d3211108595c568db0be1fa6b17b56ae2654cffb43112dfd1bd10c227cec6a128e98
-
SSDEEP
1536:8ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:iBounVyFHFMqqDL2/LgHkc2
Malware Config
Targets
-
-
Target
2024-02-04_b2ded7bf639ec8bce0ef92c2f34d32bd_gandcrab
-
Size
97KB
-
MD5
b2ded7bf639ec8bce0ef92c2f34d32bd
-
SHA1
524efab304ee5530a39f503d64bf4f54627aa2c4
-
SHA256
2e3ff87d47b1b7ee691c09781a711bd9a9bf818adb66550026e19561ec075c26
-
SHA512
0331ad9d3222db50fa0acda9a3accbf86a4c043b6439eb94114db02bba36d3211108595c568db0be1fa6b17b56ae2654cffb43112dfd1bd10c227cec6a128e98
-
SSDEEP
1536:8ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:iBounVyFHFMqqDL2/LgHkc2
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
UPX dump on OEP (original entry point)
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-