Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-01...ab.exe

windows7-x64

6

2025-01-01...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-01_ae6fe3cd1a123ebcd7fa99d931949fbe_gandcrab

  • Size

    75KB

  • Sample

    250101-xlf9as1lcq

  • MD5

    ae6fe3cd1a123ebcd7fa99d931949fbe

  • SHA1

    fa84360d97093473aa8280c7c4cbffed2ad113cf

  • SHA256

    c1109b1154fc873f305d78d0a8950cbe6ad3b27e37b89d1d4da616518446ca26

  • SHA512

    9bb0f6c53134a5df7554b495da58179513a19e864bfb105d09ac018b18eead62fb1e880444dab6328b29b626d5e9a4488048ed1e6f362398720e7161703c64b1

  • SSDEEP

    1536:5555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rA:GMSjOnrmBxMqqDL2/mr3IdE8we0Avu50

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-01_ae6fe3cd1a123ebcd7fa99d931949fbe_gandcrab

    • Size

      75KB

    • MD5

      ae6fe3cd1a123ebcd7fa99d931949fbe

    • SHA1

      fa84360d97093473aa8280c7c4cbffed2ad113cf

    • SHA256

      c1109b1154fc873f305d78d0a8950cbe6ad3b27e37b89d1d4da616518446ca26

    • SHA512

      9bb0f6c53134a5df7554b495da58179513a19e864bfb105d09ac018b18eead62fb1e880444dab6328b29b626d5e9a4488048ed1e6f362398720e7161703c64b1

    • SSDEEP

      1536:5555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rA:GMSjOnrmBxMqqDL2/mr3IdE8we0Avu50

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks