General
Target
d676688e28f77f7de33e62c4b3d70d969e3a4731c5bfd3ffd86166a6506c9237
Size
270KB
Sample
210830-fpsger1m6x
MD5
347b740d9f2cb1b8fae6f8f82a81680d
SHA1
98cef0e05cf642afc1ae7ec048915482d4e4776e
SHA256
d676688e28f77f7de33e62c4b3d70d969e3a4731c5bfd3ffd86166a6506c9237
SHA512
b23c558208b9a96571aedafb15b5c046ac6051c6727db0334e0bfd068d6fabc924b79fd8c98bad7ce7a253834e471d99bc7e07085fb9cfc7a798ac5a08491460
Static task
static1
Behavioral task
behavioral1
Sample
d676688e28f77f7de33e62c4b3d70d969e3a4731c5bfd3ffd86166a6506c9237.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
d676688e28f77f7de33e62c4b3d70d969e3a4731c5bfd3ffd86166a6506c9237.exe
Resource
win10v20210408
Malware Config
Targets
Target
d676688e28f77f7de33e62c4b3d70d969e3a4731c5bfd3ffd86166a6506c9237
Score
10/10
GandCrab Payload
suricata: ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (gdcb .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (malwarehunterteam .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (politiaromana .bit in DNS Lookup)
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.