General
Target: 41b5e623939fabff5a9022fa72f6ab93a3b35c38be67506afea7a236593a16c2
Size: 302KB
Sample: 220708-fhd64accb2
MD5: 6c22dc137d4ea08ea8a00450bfc681ca
SHA1: 6015f33b32d6794ac9c60c30e088eff55e0c1669
SHA256: 41b5e623939fabff5a9022fa72f6ab93a3b35c38be67506afea7a236593a16c2
SHA512: 46fca531d546434c6547e4ba36526f031514d086f9e8be6b7512d5ccc880e6fb18c99b7713e7d8cbeae1f0b0c18c49aced0bbff3b666883c2a82f3a39ae5df43
Static task: static1
Behavioral task: behavioral1
Sample: 41b5e623939fabff5a9022fa72f6ab93a3b35c38be67506afea7a236593a16c2.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 41b5e623939fabff5a9022fa72f6ab93a3b35c38be67506afea7a236593a16c2.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 41b5e623939fabff5a9022fa72f6ab93a3b35c38be67506afea7a236593a16c2
Score: 10/10
GandCrab payload
suricata: ET MALWARE Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup)
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.