General
Target: 2024-04-06_b8ac538cb086ed85ac5f41a2f181acfe_karagany_mafia
Size: 308KB
Sample: 240406-1pr2racf78
MD5: b8ac538cb086ed85ac5f41a2f181acfe
SHA1: 5f0439968778b07ec66b1faceb9af8eaa13a64ea
SHA256: 185d98cb25e25bdfe01d3cda6973a7a18fe96aac1a9e79aca124c5c2f55bbdf1
SHA512: 186fdc7da40caac6e90a6e243b1f69a4b1d2340b2162342bb1f6654ad2bab36ad049c3dc0b8eb956c9993288fb5f686aed37f8306be60e7f0ecdf4facede70f9
SSDEEP: 6144:WzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:UDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-06_b8ac538cb086ed85ac5f41a2f181acfe_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-06_b8ac538cb086ed85ac5f41a2f181acfe_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-06_b8ac538cb086ed85ac5f41a2f181acfe_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.