cc5f8dfc803b35d83f059f019c6d937fa2ce52e79d112f29630e9050aee2de08

General

Target: cc5f8dfc803b35d83f059f019c6d937fa2ce52e79d112f29630e9050aee2de08
Size: 244KB
Sample: 211013-s34npseed8
Score: 10/10
MD5: cd0de24dd59d160507545851f4c0d917
SHA1: a78fca87aace910f8e59dd614664e082249b8a68
SHA256: cc5f8dfc803b35d83f059f019c6d937fa2ce52e79d112f29630e9050aee2de08
SHA512: 130ac29407b1a5903c144684e846a8eabe54d47ed13ebcc676eb1d4b598b52c446c6f5021fdea2035d838e562b6a08e7f0578bfe3379824dbd1b5b9ce374e12d

Signatures

  • GandCrab Payload

  • Gandcrab

    Description

    Gandcrab is a Trojan horse that encrypts files on a computer.

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder, Modify Registry
  • Enumerates connected drives

    Description

    Attempts to read the root path of hard drives other than the default C: drive.

    TTPs

    Query Registry, Peripheral Device Discovery, System Information Discovery
