gandcrab | f14b8eb87e6323eb003efaf52e8882cf82f18b18e829031ef137ab22f16dba5b | Triage

Submit
Reports

Overview

overview

Static

static

2024-07-02...ab.exe

windows7-x64

6

2024-07-02...ab.exe

windows10-2004-x64

6

Sharing

General

Target

2024-07-02_53bb7b6d96c7216ab598706cdd3084af_gandcrab
Size

72KB
Sample

240702-hahwesthjp
MD5

53bb7b6d96c7216ab598706cdd3084af
SHA1

12b722b1160768f517183bdc9f8dd90b63b5e19f
SHA256

f14b8eb87e6323eb003efaf52e8882cf82f18b18e829031ef137ab22f16dba5b
SHA512

d69611787d0e7ba6410c045dc3cdf039cb473e88192ac61ae7a82c6cda47f2ce34289b80b7af0ff67f957908ed16da935082603aa106079b668bf9366aa14734
SSDEEP

1536:QZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd6:+BounVyFHpfMqqDL2/Lkvd6

Score

10^/10

gandcrab persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-07-02_53bb7b6d96c7216ab598706cdd3084af_gandcrab.exe

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-07-02_53bb7b6d96c7216ab598706cdd3084af_gandcrab.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-07-02_53bb7b6d96c7216ab598706cdd3084af_gandcrab
- Size
  
  72KB
- MD5
  
  53bb7b6d96c7216ab598706cdd3084af
- SHA1
  
  12b722b1160768f517183bdc9f8dd90b63b5e19f
- SHA256
  
  f14b8eb87e6323eb003efaf52e8882cf82f18b18e829031ef137ab22f16dba5b
- SHA512
  
  d69611787d0e7ba6410c045dc3cdf039cb473e88192ac61ae7a82c6cda47f2ce34289b80b7af0ff67f957908ed16da935082603aa106079b668bf9366aa14734
- SSDEEP
  
  1536:QZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd6:+BounVyFHpfMqqDL2/Lkvd6
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy