General

  • Target

    3802078969745db373c08aad4c6dfc12.bin

  • Size

    300KB

  • Sample

    240329-b1ajeaef49

  • MD5

    3802078969745db373c08aad4c6dfc12

  • SHA1

    8767190ced02b19d4d515f3b53ae5537e2296e97

  • SHA256

    481ad8f30ca4464b61a7886eb41db0e0e59f5d6fb65389b1e9b18f82f985ed5f

  • SHA512

    53ebeadc8d3f418dbdbdf54a180c0307fab650b2e5bf8de341a80fd8ac11344f577666e09f80a245c655d591dfc46d946b21baf7b45f1ab1928fb1d2489e38b3

  • SSDEEP

    6144:ovEANMO1UnseVgkV0xwvfxnhLTiusLe1740B:nuM0Unsna5mut40B

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
