gandcrab | 2a1d7802afef3121b2a764bdbe1d4cdb329e937c49d02af63937dd9e23a35da0 | Triage

Submit
Reports

Overview

overview

Static

static

20240702db...ab.exe

windows7-x64

6

20240702db...ab.exe

windows10-2004-x64

6

Sharing

General

Target

20240702db225f0ef9e26ad2b70336421295c821gandcrab
Size

72KB
Sample

240702-jn8jnswhmp
MD5

db225f0ef9e26ad2b70336421295c821
SHA1

1cc491e99cd236298260ea72d6048fc6e556f74d
SHA256

2a1d7802afef3121b2a764bdbe1d4cdb329e937c49d02af63937dd9e23a35da0
SHA512

501d773325bdfcefdb8c7c36819b9d14210c058cad0df89f8118e9910afc2892c859f98c0a4b5a085c3fb4d2e3845453968430e0f8d0c20d5ab1297e959b3a0b
SSDEEP

1536:qZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd6:cBounVyFHpfMqqDL2/Lkvd6

Score

10^/10

gandcrab persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

20240702db225f0ef9e26ad2b70336421295c821gandcrab.exe

Resource

win7-20240508-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

20240702db225f0ef9e26ad2b70336421295c821gandcrab.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  20240702db225f0ef9e26ad2b70336421295c821gandcrab
- Size
  
  72KB
- MD5
  
  db225f0ef9e26ad2b70336421295c821
- SHA1
  
  1cc491e99cd236298260ea72d6048fc6e556f74d
- SHA256
  
  2a1d7802afef3121b2a764bdbe1d4cdb329e937c49d02af63937dd9e23a35da0
- SHA512
  
  501d773325bdfcefdb8c7c36819b9d14210c058cad0df89f8118e9910afc2892c859f98c0a4b5a085c3fb4d2e3845453968430e0f8d0c20d5ab1297e959b3a0b
- SSDEEP
  
  1536:qZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd6:cBounVyFHpfMqqDL2/Lkvd6
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy