General
Target: 36fdeb2abf80269259078d51391f9fcf224f262107bc0d6194e37dd021237b15
Size: 313KB
Sample: 220626-a5mtvsafar
MD5: 541aa6e73a72f2b169163c4f167ce653
SHA1: 380e38fb4a4c56cbaa5c14a26ec433ce56691414
SHA256: 36fdeb2abf80269259078d51391f9fcf224f262107bc0d6194e37dd021237b15
SHA512: c0db6d75d14c8237c1631e2d1620f5125c2e8ac8d902c778d4b36d78e6824d895642f49e5bb904fbec92352df454f91e49b437f90af2d4625e0aa4d6576d47aa
Static task
static1
Behavioral task
behavioral1
Sample
36fdeb2abf80269259078d51391f9fcf224f262107bc0d6194e37dd021237b15.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
36fdeb2abf80269259078d51391f9fcf224f262107bc0d6194e37dd021237b15.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target: 36fdeb2abf80269259078d51391f9fcf224f262107bc0d6194e37dd021237b15
Score: 10/10
GandCrab Payload
suricata: ET MALWARE Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup)
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.