gandcrab | 777d36d4a698262dc2a0cd551d6dd4c1c16682a50db2a48a8994f98bf5538bb3 | Triage

Sharing

General

Target

2023-05-07_c92718c8058b77f69116fcea9d6f5730_gandcrab
Size

70KB
Sample

230508-dznqraaf6x
MD5

c92718c8058b77f69116fcea9d6f5730
SHA1

b2b759020c2ac8f57804f6f36e06d22649fd4e50
SHA256

777d36d4a698262dc2a0cd551d6dd4c1c16682a50db2a48a8994f98bf5538bb3
SHA512

2226c258f213a4bd1cf3e7635a663b688c9d1e74aff2e888287e6139ca1673c922841893149473769a86e72ffffb0ddd4f252fa2efd20d38a2f826c219758f5f
SSDEEP

1536:cZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:jd5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab persistence

Malware Config

Targets

- Target
  
  2023-05-07_c92718c8058b77f69116fcea9d6f5730_gandcrab
- Size
  
  70KB
- MD5
  
  c92718c8058b77f69116fcea9d6f5730
- SHA1
  
  b2b759020c2ac8f57804f6f36e06d22649fd4e50
- SHA256
  
  777d36d4a698262dc2a0cd551d6dd4c1c16682a50db2a48a8994f98bf5538bb3
- SHA512
  
  2226c258f213a4bd1cf3e7635a663b688c9d1e74aff2e888287e6139ca1673c922841893149473769a86e72ffffb0ddd4f252fa2efd20d38a2f826c219758f5f
- SSDEEP
  
  1536:cZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:jd5BJHMqqDL2/Ovvdr
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2