General

  • Target

    2025-01-22_0082ad6df8fb61cf3eee67833ce21d7e_gandcrab

  • Size

    72KB

  • Sample

    250122-nhkmwavlaq

  • MD5

    0082ad6df8fb61cf3eee67833ce21d7e

  • SHA1

    0384505ea7cd2fe9f4bae74e05f1ca497b8d3b43

  • SHA256

    3d89464a49957de29721a8411923065569343a9ac66a17076a97dea0193fd5b6

  • SHA512

    7279e02b2ba3fdb44ea42f642f54562653763845e75ab6053663122c084e6c67b585e06c20c84adb1b40cf6fcca57919cc8ddcd9fd6c3a6e8b18af0563bdfc7f

  • SSDEEP

    1536:uZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXouuVL8hbHnAwfMqqU+2bbbAV2/S2Lkvde:4BouuVIFHpfMqqDL2/Lkvd

Targets

    • Target

      2025-01-22_0082ad6df8fb61cf3eee67833ce21d7e_gandcrab

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
