General
-
Target
e564e87958b3e76bc9bfeb5bed773b7a17f3a82f84872acdbb609aa43a9cd776
-
Size
130KB
-
Sample
220128-wcztlshhc3
-
MD5
c397591f6b7678fa7c260cad23f97fbc
-
SHA1
b65fcaf06f0d5f09a731d8106df46a7bd30f9787
-
SHA256
e564e87958b3e76bc9bfeb5bed773b7a17f3a82f84872acdbb609aa43a9cd776
-
SHA512
e3d07bc186c1d6ee301ea307fa76e83bea24b60b6d63efc09c6a295424a945668cf0bf61463bb465fbe46f11180249137527eb8cb0af9d45e4af351746f6d07c
Static task
static1
Behavioral task
behavioral1
Sample
e564e87958b3e76bc9bfeb5bed773b7a17f3a82f84872acdbb609aa43a9cd776.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e564e87958b3e76bc9bfeb5bed773b7a17f3a82f84872acdbb609aa43a9cd776.dll
Resource
win10-en-20211208
Malware Config
Extracted
C:\PCVLMLKLJ-DECRYPT.txt
http://gandcrabmfe6mnef.onion/38fe2f6aea3645be
Extracted
C:\VRTESKJRZB-DECRYPT.txt
http://gandcrabmfe6mnef.onion/6401397625c34536
Targets
-
-
Target
e564e87958b3e76bc9bfeb5bed773b7a17f3a82f84872acdbb609aa43a9cd776
-
Score
10/10
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-