gandcrab | c9ddff6fd28ac78d6ab2f00c58aa1c21f91f3cfa05c2cea29bdbac5e1ee94969 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023-05-14_94fc6c5e493086f22b01842295e68002_gandcrab
Size

70KB
Sample

230515-sp11naee4z
MD5

94fc6c5e493086f22b01842295e68002
SHA1

c5944da7fb08a4fac89ad1faeb2bf947fa86af2c
SHA256

c9ddff6fd28ac78d6ab2f00c58aa1c21f91f3cfa05c2cea29bdbac5e1ee94969
SHA512

cc86075147233a830f2ae3e70566100280a5544358fcc3e87efa826e61a9924bab1d129baff1d9a664798fa2238a833ce2b17097701c351a070092da744dbcb8
SSDEEP

1536:wZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:/d5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab persistence

Malware Config

Targets

- Target
  
  2023-05-14_94fc6c5e493086f22b01842295e68002_gandcrab
- Size
  
  70KB
- MD5
  
  94fc6c5e493086f22b01842295e68002
- SHA1
  
  c5944da7fb08a4fac89ad1faeb2bf947fa86af2c
- SHA256
  
  c9ddff6fd28ac78d6ab2f00c58aa1c21f91f3cfa05c2cea29bdbac5e1ee94969
- SHA512
  
  cc86075147233a830f2ae3e70566100280a5544358fcc3e87efa826e61a9924bab1d129baff1d9a664798fa2238a833ce2b17097701c351a070092da744dbcb8
- SSDEEP
  
  1536:wZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:/d5BJHMqqDL2/Ovvdr
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2