General
-
Target
452bf32e856f46d6cdaff897f50f7ea6f7cf8a18c9276253e4b7caaef27b08e8
-
Size
300KB
-
Sample
220707-t8er7sbecj
-
MD5
5fc32497c54f9b4f43f5e89b50a1c93b
-
SHA1
dfd860ffd9a99bd03abedcb11de2ca9923fbc860
-
SHA256
452bf32e856f46d6cdaff897f50f7ea6f7cf8a18c9276253e4b7caaef27b08e8
-
SHA512
d9a55df6abca75eb19cdfe807c378b3e2033e6b4fc3c59d446cb0dab74e80f0888067e9d519f75aee92fcfa9694c8e7074e48f06f6a85a8a87e6e3c2196f298b
Static task
static1
Behavioral task
behavioral1
Sample
452bf32e856f46d6cdaff897f50f7ea6f7cf8a18c9276253e4b7caaef27b08e8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
452bf32e856f46d6cdaff897f50f7ea6f7cf8a18c9276253e4b7caaef27b08e8.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
452bf32e856f46d6cdaff897f50f7ea6f7cf8a18c9276253e4b7caaef27b08e8
Score: 10/10
GandCrab payload
-
suricata: ET MALWARE Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup)
-
suricata: ET MALWARE Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup)
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-