General
Target: 4c9aa7ad9dbedc57c97346bf3ec4d846d8b27ebd03593dac785302370f9bedea
Size: 211KB
Sample: 220712-gdmhcagae9
MD5: edb038fb8119ffbef4e524672b63321e
SHA1: b4815964bcecc0b2a57f5efce65a7b5747dd9222
SHA256: 4c9aa7ad9dbedc57c97346bf3ec4d846d8b27ebd03593dac785302370f9bedea
SHA512: 6263650a6dd9abf99ebd1b91046ee93d63efff77f07c735e5b0e405dfa7c5c975513cb7e33cba973bcd16f658cd7f6f317d9ca586f706871792958196e284e0c
Static task: static1
Behavioral task: behavioral1
Sample: 4c9aa7ad9dbedc57c97346bf3ec4d846d8b27ebd03593dac785302370f9bedea.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 4c9aa7ad9dbedc57c97346bf3ec4d846d8b27ebd03593dac785302370f9bedea.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 4c9aa7ad9dbedc57c97346bf3ec4d846d8b27ebd03593dac785302370f9bedea
Score: 10/10
GandCrab payload
suricata: ET MALWARE Observed GandCrab Ransomware Domain (carder .bit in DNS Lookup)
suricata: ET MALWARE Observed GandCrab Ransomware Domain (ransomware .bit in DNS Lookup)
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.