General
-
Target
6be8dbcb1f0e64cee8f1824cdbd846aee916a363d20414467f166f352cd02724
-
Size
226KB
-
Sample
220625-j2hkeaefh5
-
MD5
4fb4be15ffd29af8150f520671a85fe3
-
SHA1
9b4be9a5859a283e83b7ae3ec7f4c1509774ede9
-
SHA256
6be8dbcb1f0e64cee8f1824cdbd846aee916a363d20414467f166f352cd02724
-
SHA512
9aadd93db0ff81420f1e26598ee49387f7e4f35d7efe876a9af90bea0415822be05b37e7c1ceed2caeac1e261c4ab6ebdb5172eaf8c144632d4f9444d903e217
Static task
static1
Behavioral task
behavioral1
Sample
6be8dbcb1f0e64cee8f1824cdbd846aee916a363d20414467f166f352cd02724.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
6be8dbcb1f0e64cee8f1824cdbd846aee916a363d20414467f166f352cd02724.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
6be8dbcb1f0e64cee8f1824cdbd846aee916a363d20414467f166f352cd02724
Score
10/10
GandCrab Payload
-
suricata: ET MALWARE Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup)
-
suricata: ET MALWARE Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup)
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-