General
-
Target
2024-02-23_73dd267765c025163615faa216189d4f_karagany_mafia
-
Size
308KB
-
Sample
240223-fe1kxsbg52
-
MD5
73dd267765c025163615faa216189d4f
-
SHA1
506cf88c2a3d03cc7c9c87770bf80660ae994ef6
-
SHA256
356fb936abf54524d766199857e2dd128a5185303703beeb52c3ff7b7fa16aa1
-
SHA512
ba797ad44151b69d828acb48b9846d09a9418ae6b5557fde54bfa701c9a8d9423e928893d2ab44f7fdc57b18e5f7f245b848c80efd7fdc21c2401b5aa85b06ac
-
SSDEEP
6144:wzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:WDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-23_73dd267765c025163615faa216189d4f_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-02-23_73dd267765c025163615faa216189d4f_karagany_mafia.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
Target
2024-02-23_73dd267765c025163615faa216189d4f_karagany_mafia
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-