Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2025-01-28...ab.exe

windows7-x64

6

2025-01-28...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-28_34eb86dfa70710ec87f5b721fb44003a_gandcrab

  • Size

    73KB

  • Sample

    250128-y7f14atlfl

  • MD5

    34eb86dfa70710ec87f5b721fb44003a

  • SHA1

    5604162da2eb73e8e0ba353e86bb78c9074ffe94

  • SHA256

    14a3d276d27cbd6a7be637ea116a130ef1a49070949cecd4faf69a311965c130

  • SHA512

    7d997d9513dd0537c65a22d6da077044381a31bef3b1b45223031fb5b04681dd463033549a0fe865a02acfa691fc7e90e71743ac21e2062d2d29825394a42fb8

  • SSDEEP

    1536:Nskzu+1QHrSYKbMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:Nhi+1QHrSPMqqMmr3IdE8we0Avu5r++N

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-28_34eb86dfa70710ec87f5b721fb44003a_gandcrab

    • Size

      73KB

    • MD5

      34eb86dfa70710ec87f5b721fb44003a

    • SHA1

      5604162da2eb73e8e0ba353e86bb78c9074ffe94

    • SHA256

      14a3d276d27cbd6a7be637ea116a130ef1a49070949cecd4faf69a311965c130

    • SHA512

      7d997d9513dd0537c65a22d6da077044381a31bef3b1b45223031fb5b04681dd463033549a0fe865a02acfa691fc7e90e71743ac21e2062d2d29825394a42fb8

    • SSDEEP

      1536:Nskzu+1QHrSYKbMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:Nhi+1QHrSPMqqMmr3IdE8we0Avu5r++N

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks