Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-23...ab.exe

windows7-x64

10

2025-01-23...ab.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-23_1f197dd6aab58a202f02907b5ffdcf90_gandcrab

  • Size

    72KB

  • Sample

    250123-v6vajsyncr

  • MD5

    1f197dd6aab58a202f02907b5ffdcf90

  • SHA1

    06fb37414f9e7791d85ac02d6c452fe1fabef40b

  • SHA256

    af83d326623222714d958200656c7d6ef7301c4dde34d801023bc23a0461f4d9

  • SHA512

    068b97e1537e5e2f6b805e62a37f3ad9b42c11d554de941b675dcb5df688e810d139696067f074816b10a6bf27f3050def2e272e8e07b9d278f5fbc036a7d576

  • SSDEEP

    768:GBIxo9TZkKXN7VfiFohEJH5co/iej2JWOkKgTiGMqWNUMFAHJ9E3lvd6s:2Ixo9TNXy9coqlWOkKgdMqqUM2Lkvd6

Score
10/10
gandcrabbackdoordiscoverypersistenceransomware

Malware Config

Targets

    • Target

      2025-01-23_1f197dd6aab58a202f02907b5ffdcf90_gandcrab

    • Size

      72KB

    • MD5

      1f197dd6aab58a202f02907b5ffdcf90

    • SHA1

      06fb37414f9e7791d85ac02d6c452fe1fabef40b

    • SHA256

      af83d326623222714d958200656c7d6ef7301c4dde34d801023bc23a0461f4d9

    • SHA512

      068b97e1537e5e2f6b805e62a37f3ad9b42c11d554de941b675dcb5df688e810d139696067f074816b10a6bf27f3050def2e272e8e07b9d278f5fbc036a7d576

    • SSDEEP

      768:GBIxo9TZkKXN7VfiFohEJH5co/iej2JWOkKgTiGMqWNUMFAHJ9E3lvd6s:2Ixo9TNXy9coqlWOkKgdMqqUM2Lkvd6

    Score
    10/10
    gandcrabbackdoordiscoverypersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Gandcrab family

      gandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.