General

  • Target

    2024-02-25_65e342499c773c003799b4a59dc80744_karagany_mafia

  • Size

    308KB

  • Sample

    240225-x832ksbc3v

  • MD5

    65e342499c773c003799b4a59dc80744

  • SHA1

    13bd4b6e8477ef8d17d894b0ebfa957482bd89cf

  • SHA256

    30cfb5c966e2fea2f36bff95a4879f1bbfc2d7bc270e76cf6d4aeb0357f5c80b

  • SHA512

    7532a76522a30c023410a32d84d9701b6c217dd7688d191b687f27b084b14871b2aabe007fefb08f0a3946ebd5cf5494385238a4d23e8c82188fea9d7e9e087b

  • SSDEEP

    6144:uzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:sDHNam62ZdKmZmuPH

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
