Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-23...ab.exe

windows7-x64

10

2025-01-23...ab.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-23_181cfaeace975e65189695784323e1b2_gandcrab

  • Size

    72KB

  • Sample

    250123-z865cavqhm

  • MD5

    181cfaeace975e65189695784323e1b2

  • SHA1

    e549083b478dfbe3fbc7b5020fa758b408d1e363

  • SHA256

    232d3e57a39b1c9e67e346d998711859a4b6c3ed9b3689c943b5ac42cde83f9f

  • SHA512

    704f65bc27321b68f20160f639bd572783a3c83a1a2a30ad49d97d5007e80f13f470c4a39c19f58ca1a88f1c389518fd68fd3a843077586d769483d968b0d346

  • SSDEEP

    1536:/ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXouvVdq8hbHnAwfMqqU+2bbbAV2/S2Lkvj:XBouvVzFHpfMqqDL2/Lkvd

Score
10/10
gandcrabbackdoordiscoverypersistenceransomware

Malware Config

Targets

    • Target

      2025-01-23_181cfaeace975e65189695784323e1b2_gandcrab

    • Size

      72KB

    • MD5

      181cfaeace975e65189695784323e1b2

    • SHA1

      e549083b478dfbe3fbc7b5020fa758b408d1e363

    • SHA256

      232d3e57a39b1c9e67e346d998711859a4b6c3ed9b3689c943b5ac42cde83f9f

    • SHA512

      704f65bc27321b68f20160f639bd572783a3c83a1a2a30ad49d97d5007e80f13f470c4a39c19f58ca1a88f1c389518fd68fd3a843077586d769483d968b0d346

    • SSDEEP

      1536:/ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXouvVdq8hbHnAwfMqqU+2bbbAV2/S2Lkvj:XBouvVzFHpfMqqDL2/Lkvd

    Score
    10/10
    gandcrabbackdoordiscoverypersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Gandcrab family

      gandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks