General
-
Target
2024-02-04_8af1162e9d8760024d4c50aa2269cc40_karagany_mafia
-
Size
257KB
-
Sample
240204-rwjjhseafr
-
MD5
8af1162e9d8760024d4c50aa2269cc40
-
SHA1
d05745eeee000100b4c59c3473c5f55aed5198db
-
SHA256
30469e49b7acf3718af1b2a58def19b2c1ba1e53e151baf41bec73af79ed14c4
-
SHA512
49be2c62c89306268de33b2ab321367a32d0144c8a2b5f00c0d5600d20d71227ec9461918841d23e76851b1d80849420d9d8c0133f6c1bd510bed4a8bb6a8bbe
-
SSDEEP
6144:5JvXbVklS/zDiWsg4Ig1ubxq6ckd+QWm5iGgw3Yx:DVklS/qHg4EbVckYBJGT3Yx
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-04_8af1162e9d8760024d4c50aa2269cc40_karagany_mafia.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-02-04_8af1162e9d8760024d4c50aa2269cc40_karagany_mafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
2024-02-04_8af1162e9d8760024d4c50aa2269cc40_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-