General
Target
2024-06-24_cf97890465243c434fb386fc8db27181_gandcrab
Size
73KB
Sample
240624-yc69sszbpa
MD5
cf97890465243c434fb386fc8db27181
SHA1
5c43028c6da7242d032b8a490f062e7446b92d3f
SHA256
1b5be7b1c1c2442ddbcef81a2f412d22d829482eafb52a11d3e5a8a729a184c2
SHA512
b4f7373eead620173b3aa5bf1ab3950d1b686b839d142ef4437d9f9c28e11fa587a53f7b7170e9bc86d9e67cf69855a85b15c7ecd311dadda8f46fcc92129e22
SSDEEP
1536:J55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:BMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F
Behavioral task
behavioral1
Sample
2024-06-24_cf97890465243c434fb386fc8db27181_gandcrab.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-06-24_cf97890465243c434fb386fc8db27181_gandcrab.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
Score 6/10
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.