General

  • Target

    2024-04-06_b8ac538cb086ed85ac5f41a2f181acfe_karagany_mafia

  • Size

    308KB

  • Sample

    240406-1pr2racf78

  • MD5

    b8ac538cb086ed85ac5f41a2f181acfe

  • SHA1

    5f0439968778b07ec66b1faceb9af8eaa13a64ea

  • SHA256

    185d98cb25e25bdfe01d3cda6973a7a18fe96aac1a9e79aca124c5c2f55bbdf1

  • SHA512

    186fdc7da40caac6e90a6e243b1f69a4b1d2340b2162342bb1f6654ad2bab36ad049c3dc0b8eb956c9993288fb5f686aed37f8306be60e7f0ecdf4facede70f9

  • SSDEEP

    6144:WzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:UDHNam62ZdKmZmuPH

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
