General
Target: 2024-06-14_45327976f6c69a38f3b165f1033bae68_gandcrab
Size: 97KB
Sample: 240614-x5zjzssgrf
MD5: 45327976f6c69a38f3b165f1033bae68
SHA1: 79b64dc7f81e7241fc96f79737bb54051545467e
SHA256: 931443c53e089806f2bae47810877cbb5b66de41f12ad280f72f0ed4cc96cd62
SHA512: acdf0fd10abc56c8f8c7c52d329b078f757e1209139aea22e8929f008a18aeaba158a4e3caeb62e9470ccb0753c5962cba423f893c85801bfe8b87ff31948755
SSDEEP: 1536:kZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAlMqqU+2bbbAV2/S2LNmHkf:6BounVyFHkMqqDL2/LgHkctc
Behavioral task: behavioral1
Sample: 2024-06-14_45327976f6c69a38f3b165f1033bae68_gandcrab.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 2024-06-14_45327976f6c69a38f3b165f1033bae68_gandcrab.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
UPX dump on OEP (original entry point)
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.