Description
Gandcrab is a Trojan horse that encrypts files on a computer.
b7680a5071367e5e4f8412bc5cdc3cb82eaa0aaa03b4b08f0908069ed86de4ea
General
Target
Size
Sample
b7680a5071367e5e4f8412bc5cdc3cb82eaa0aaa03b4b08f0908069ed86de4ea
266KB
210518-ngjzndnjas
Score
10 /10
MD5
SHA1
SHA256
SHA512
8d7f8e4240f451ad0d96b255f4c9dfb6
8529fe7c200ce765610b748a966ed204c7ae879e
b7680a5071367e5e4f8412bc5cdc3cb82eaa0aaa03b4b08f0908069ed86de4ea
4ab988615473a2ec2da09ace4082359d559326dfcaeee21cc71b553e41d9df961cee3bddce0879089a54cdaea1bce379d99eac4442874ee67a3968deea6f7baf
Malware Config
Targets
Target
MD5
Filesize
b7680a5071367e5e4f8412bc5cdc3cb82eaa0aaa03b4b08f0908069ed86de4ea
8d7f8e4240f451ad0d96b255f4c9dfb6
266KB
Score
10/10
SHA1
SHA256
SHA512
8529fe7c200ce765610b748a966ed204c7ae879e
b7680a5071367e5e4f8412bc5cdc3cb82eaa0aaa03b4b08f0908069ed86de4ea
4ab988615473a2ec2da09ace4082359d559326dfcaeee21cc71b553e41d9df961cee3bddce0879089a54cdaea1bce379d99eac4442874ee67a3968deea6f7baf
Tags
Signatures
-
GandCrab Payload
-
Gandcrab
-
Adds Run key to start application
Tags
TTPs
-
Enumerates connected drives
Description
Attempts to read the root path of hard drives other than the default C: drive.
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks