gandcrab | 6674a6b43365d8c1637a35d232d469b82e38c848d796ea68624958efbffeae19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023-05-18_8bdf36e4fa718173a4714ce1a5aa48b2_gandcrab
Size

70KB
Sample

230519-dgnm2adf81
MD5

8bdf36e4fa718173a4714ce1a5aa48b2
SHA1

01f48f0fae739405c471f1a7dd0e9a2bc4425131
SHA256

6674a6b43365d8c1637a35d232d469b82e38c848d796ea68624958efbffeae19
SHA512

990c06f77f0d14df7f4db38383a03ae64f1879b75711cdd5fc1c0ce2dd79185e38f3a74dc5e55417a61cb79e7bfb7b6bb5e83f94a653f805c8b43aa1cfa62ece
SSDEEP

1536:TZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Cd5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab persistence

Malware Config

Targets

- Target
  
  2023-05-18_8bdf36e4fa718173a4714ce1a5aa48b2_gandcrab
- Size
  
  70KB
- MD5
  
  8bdf36e4fa718173a4714ce1a5aa48b2
- SHA1
  
  01f48f0fae739405c471f1a7dd0e9a2bc4425131
- SHA256
  
  6674a6b43365d8c1637a35d232d469b82e38c848d796ea68624958efbffeae19
- SHA512
  
  990c06f77f0d14df7f4db38383a03ae64f1879b75711cdd5fc1c0ce2dd79185e38f3a74dc5e55417a61cb79e7bfb7b6bb5e83f94a653f805c8b43aa1cfa62ece
- SSDEEP
  
  1536:TZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Cd5BJHMqqDL2/Ovvdr
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2