General
Target: 3917afdfa9cbaed0ed409df3d30d3efd1aaaf03fae5c03810336c118ec1aab76
Size: 207KB
Sample: 220625-wf235sebgn
MD5: aa6f9e075458a6592bfae515b846ae94
SHA1: adc9efdb229faffb2aa821e29ef13a15984bdce4
SHA256: 3917afdfa9cbaed0ed409df3d30d3efd1aaaf03fae5c03810336c118ec1aab76
SHA512: 7d1c90f7b921636a8e829f49ed60cd27129d32dd5eba2c628f76b4a78b62808c9a08235b1fbabf9290d823d21c7c8a35a504774e5b99c2b384bc1a500d44eea9
Static task: static1
Behavioral task: behavioral1
Sample: 3917afdfa9cbaed0ed409df3d30d3efd1aaaf03fae5c03810336c118ec1aab76.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 3917afdfa9cbaed0ed409df3d30d3efd1aaaf03fae5c03810336c118ec1aab76.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 3917afdfa9cbaed0ed409df3d30d3efd1aaaf03fae5c03810336c118ec1aab76
Score: 10/10
GandCrab Payload
suricata: ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (gdcb .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (malwarehunterteam .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware CnC/IP Check Domain (politiaromana .bit in DNS Lookup)
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.