gandcrab | 1c46a6b894e3a3f1980a2033d2c4cf8850090df401528769e5d46af27c50bfcf | Triage

Sharing

General

Target

e512e9b60a2ae1exe_JC.exe
Size

69KB
Sample

230719-p67yrafg9v
MD5

e512e9b60a2ae1fa0d88e9f52cb7e768
SHA1

aacad8dd1ed95a0e2ff4e3f551aae4a5874e45ea
SHA256

1c46a6b894e3a3f1980a2033d2c4cf8850090df401528769e5d46af27c50bfcf
SHA512

bf05980c03f66b41141b194f687aeebd4660e06be47585232096e63408f7b149024f64e29553f7c4f3f26f3bdf06c7544c92735a2b8d6ddec494f7f2c4548f5f
SSDEEP

1536:BZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:9BounVyFHpfMqqDL2/Lkvd

Score

10^/10

gandcrab persistence

Malware Config

Targets

- Target
  
  e512e9b60a2ae1exe_JC.exe
- Size
  
  69KB
- MD5
  
  e512e9b60a2ae1fa0d88e9f52cb7e768
- SHA1
  
  aacad8dd1ed95a0e2ff4e3f551aae4a5874e45ea
- SHA256
  
  1c46a6b894e3a3f1980a2033d2c4cf8850090df401528769e5d46af27c50bfcf
- SHA512
  
  bf05980c03f66b41141b194f687aeebd4660e06be47585232096e63408f7b149024f64e29553f7c4f3f26f3bdf06c7544c92735a2b8d6ddec494f7f2c4548f5f
- SSDEEP
  
  1536:BZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:9BounVyFHpfMqqDL2/Lkvd
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2