Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-01...ab.exe

windows7-x64

6

2025-01-01...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-01_ae6fe3cd1a123ebcd7fa99d931949fbe_gandcrab

  • Size

    75KB

  • Sample

    250101-xlf9as1lcq

  • MD5

    ae6fe3cd1a123ebcd7fa99d931949fbe

  • SHA1

    fa84360d97093473aa8280c7c4cbffed2ad113cf

  • SHA256

    c1109b1154fc873f305d78d0a8950cbe6ad3b27e37b89d1d4da616518446ca26

  • SHA512

    9bb0f6c53134a5df7554b495da58179513a19e864bfb105d09ac018b18eead62fb1e880444dab6328b29b626d5e9a4488048ed1e6f362398720e7161703c64b1

  • SSDEEP

    1536:5555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rA:GMSjOnrmBxMqqDL2/mr3IdE8we0Avu50

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-01_ae6fe3cd1a123ebcd7fa99d931949fbe_gandcrab

    • Size

      75KB

    • MD5

      ae6fe3cd1a123ebcd7fa99d931949fbe

    • SHA1

      fa84360d97093473aa8280c7c4cbffed2ad113cf

    • SHA256

      c1109b1154fc873f305d78d0a8950cbe6ad3b27e37b89d1d4da616518446ca26

    • SHA512

      9bb0f6c53134a5df7554b495da58179513a19e864bfb105d09ac018b18eead62fb1e880444dab6328b29b626d5e9a4488048ed1e6f362398720e7161703c64b1

    • SSDEEP

      1536:5555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rA:GMSjOnrmBxMqqDL2/mr3IdE8we0Avu50

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.