0ae4d52d7cc57f048b19f84fb3c4de9e30822665746b34d45d7480fea95711c0

General
Target

0ae4d52d7cc57f048b19f84fb3c4de9e30822665746b34d45d7480fea95711c0

Size

229KB

Sample

210518-cdqvfyf9ee

Score
10/10
MD5

9fa28e62c367ea29a0d4971b5b2b7ab4

SHA1

977bdbb43f9d4f2266ffb4a291c0475871121bb8

SHA256

0ae4d52d7cc57f048b19f84fb3c4de9e30822665746b34d45d7480fea95711c0

SHA512

e72cfee409f14da62f6de1764c8faf20aad03afc1be24bafc1e92fe78a363f3179faa4c055a86796fb0a7fd1d553a8af6984fa7dde2aa1227b2c4c325d0365dd

Signatures

  • GandCrab Payload

  • Gandcrab

    Description

    Gandcrab is a Trojan horse that encrypts files on a computer.

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder, Modify Registry

  • Enumerates connected drives

    Description

    Attempts to read the root path of hard drives other than the default C: drive.

    TTPs

    Query Registry, Peripheral Device Discovery, System Information Discovery

MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation