General

  • Target

    2024-02-19_1a016e91d49f70389e9184a7e54de941_karagany_mafia

  • Size

    250KB

  • Sample

    240219-y666wsce2t

  • MD5

    1a016e91d49f70389e9184a7e54de941

  • SHA1

    04a6942f63bde4aeec23e146be5da9725ef77365

  • SHA256

    d58778ad2a9213fa607cecfddfd308d7b9926c28f5c652b935183758ed1c9ebd

  • SHA512

    da89045e4e38ca04d8676563e970f34cfe1c5595869faae7b4b1588e7dc8fee24e881b4c87384f6a699566f3c15ba8bc7b0c7e12aa6f61498d468933879da122

  • SSDEEP

    3072:I/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOd3:I/y20Gj0r+EBFrkvlU3RvIUDOIN

Targets

    • Target

      2024-02-19_1a016e91d49f70389e9184a7e54de941_karagany_mafia

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
