Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-23...ab.exe

windows7-x64

6

2025-01-23...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-23_0e853cb113ec6041d92672f775de9966_gandcrab

  • Size

    73KB

  • Sample

    250123-y7mhwasjgt

  • MD5

    0e853cb113ec6041d92672f775de9966

  • SHA1

    5f72d1342c676aa410c2d0ae2579e0414043fa5f

  • SHA256

    c6ce3074aaef6b63c90a487b8c7059d126478746ab7a3e5bed734a4161fda029

  • SHA512

    48520a01fcf699eafcdf1dd1bf8665094d08fddcefe9ef6328d3df9bc1f5674b24a404228750b721b68a2ae8bd0e9878cd798eb27e33699c79ecf8966a04b907

  • SSDEEP

    1536:O555555555555pmgSeGDjtQhnwmmB0yWMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r+:/MSjOnrmBuMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-23_0e853cb113ec6041d92672f775de9966_gandcrab

    • Size

      73KB

    • MD5

      0e853cb113ec6041d92672f775de9966

    • SHA1

      5f72d1342c676aa410c2d0ae2579e0414043fa5f

    • SHA256

      c6ce3074aaef6b63c90a487b8c7059d126478746ab7a3e5bed734a4161fda029

    • SHA512

      48520a01fcf699eafcdf1dd1bf8665094d08fddcefe9ef6328d3df9bc1f5674b24a404228750b721b68a2ae8bd0e9878cd798eb27e33699c79ecf8966a04b907

    • SSDEEP

      1536:O555555555555pmgSeGDjtQhnwmmB0yWMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r+:/MSjOnrmBuMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks