General
-
Target
2024-06-24_21c98f764bfa9808773d1036549a2044_gandcrab
-
Size
99KB
-
Sample
240624-s69dcstbnl
-
MD5
21c98f764bfa9808773d1036549a2044
-
SHA1
a3fe0083439a948f50ef1f0962c2ecad66208ea5
-
SHA256
51586da87391a133fb2b8ee5d3baaae22a6e49393521d517bd5d3e1467be3ae6
-
SHA512
e812cb1e58e03b9e9e048337f314398390d9c0f252556e7fe0beba79d569664c8eed28e45cbf48a67da031a7b6bf19533bb9b1b61991f146e24a79f1fea1afd3
-
SSDEEP
3072:LMSjOnrmBIMqqDL2/mr3IdE8we0Avu5r++ygLIaaypQ8CrS6e:LXjOnr6jqqDL6aprYS6e
Behavioral task
behavioral1
Sample
2024-06-24_21c98f764bfa9808773d1036549a2044_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-24_21c98f764bfa9808773d1036549a2044_gandcrab.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
-
Target
2024-06-24_21c98f764bfa9808773d1036549a2044_gandcrab
-
Size
99KB
-
MD5
21c98f764bfa9808773d1036549a2044
-
SHA1
a3fe0083439a948f50ef1f0962c2ecad66208ea5
-
SHA256
51586da87391a133fb2b8ee5d3baaae22a6e49393521d517bd5d3e1467be3ae6
-
SHA512
e812cb1e58e03b9e9e048337f314398390d9c0f252556e7fe0beba79d569664c8eed28e45cbf48a67da031a7b6bf19533bb9b1b61991f146e24a79f1fea1afd3
-
SSDEEP
3072:LMSjOnrmBIMqqDL2/mr3IdE8we0Avu5r++ygLIaaypQ8CrS6e:LXjOnr6jqqDL6aprYS6e
Score10/10-
GandCrab payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-