General

  • Target

    NA_NA_1ba84017c7e3cdexeexe_JC.exe

  • Size

    73KB

  • Sample

    230723-v2zpgafh6w

  • MD5

    1ba84017c7e3cddec259e017a8972c95

  • SHA1

    8e214cdbbba743e6c5d957c5ff5db1806dd1d2c5

  • SHA256

    b1ee4737a8604910055a1982a395f98c8ebdb02ea35a7a0135e57187a112e191

  • SHA512

    f7d4c516119e0326b7681e2beb816005c507db6b6090635e1995933e6af68823eb029eb12666b2aeac84ab05bafb6f70bf7d859dd3dd22a3e96bba9ddadc140e

  • SSDEEP

    1536:Z55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:xMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      NA_NA_1ba84017c7e3cdexeexe_JC.exe

    Score
    6/10

    • Adds Run key to start application

      Writes a value under a Run/RunOnce registry key so the program is launched again at the next logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
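The two behavioural signatures above, and the extracted C2, can be checked outside the sandbox. The following is an added example, not the sandbox's own signature code: it re-implements "Adds Run key" and "Enumerates connected drives" as rules over a constructed, Sysmon-like event trace (the event field names `type`, `key`, `path`, `data` are an assumed schema), and normalises the C2 URL by stripping a Tor2web-style gateway suffix such as `.onion.top` so the underlying hidden service can be blocked directly. The gateway suffix list is an assumption for the example and is not stated in the report.

```python
import re
from urllib.parse import urlsplit

# Constructed, Sysmon-like event trace (not taken from the sandbox run).
# The field names are an assumed schema chosen for this illustration.
SAMPLE_EVENTS = [
    {"type": "registry_set",
     "key": "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svchst",
     "data": "C:\\Users\\user\\AppData\\Roaming\\svchst.exe"},
    {"type": "registry_set",                       # RunServices is not Run/RunOnce: must not match
     "key": "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices\\x",
     "data": "x"},
    {"type": "file_query", "path": "C:\\"},         # default system drive: ignored by the rule
    {"type": "file_query", "path": "D:\\"},         # root of a non-C: drive: matches
    {"type": "file_query", "path": "E:"},           # same, without the trailing backslash
    {"type": "file_open", "path": "D:\\docs\\q1.xlsx"},  # below the root: not drive enumeration
]

# Run or RunOnce key (HKCU/HKLM, Wow6432Node or not), followed by the value name.
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE)
# A bare drive root such as "D:" or "D:\", any letter except C.
DRIVE_ROOT_RE = re.compile(r"^(?!C:)[A-Z]:\\?$", re.IGNORECASE)


def adds_run_key(events):
    """'Adds Run key to start application': registry writes under Run/RunOnce."""
    return [e for e in events
            if e.get("type") == "registry_set" and RUN_KEY_RE.search(e.get("key", ""))]


def enumerates_drives(events):
    """'Enumerates connected drives': access to the root of a drive other than C:.

    Returns the sorted set of drive letters touched, e.g. ['D:', 'E:']."""
    return sorted({e["path"][:2].upper() for e in events
                   if e.get("type") in ("file_open", "file_query")
                   and DRIVE_ROOT_RE.match(e.get("path", ""))})


def triggered_signatures(events):
    """Names of the behavioural signatures that fire on the trace."""
    hits = []
    if adds_run_key(events):
        hits.append("Adds Run key to start application")
    if enumerates_drives(events):
        hits.append("Enumerates connected drives")
    return hits


# Assumed list of Tor2web-style gateway suffixes that front .onion services.
GATEWAY_SUFFIXES = (".onion.top", ".onion.ws", ".onion.ly", ".onion.cab", ".tor2web.org")


def onion_from_gateway_url(url):
    """Return the hidden-service host behind a gateway URL, or None if it is not one."""
    host = (urlsplit(url).hostname or "").lower()
    for suffix in GATEWAY_SUFFIXES:
        if host.endswith(suffix):
            label = host[:-len(suffix)]
            if label:
                return label + ".onion"
    return None


if __name__ == "__main__":
    print(triggered_signatures(SAMPLE_EVENTS))
    print(adds_run_key(SAMPLE_EVENTS)[0]["data"])
    print(enumerates_drives(SAMPLE_EVENTS))
    print(onion_from_gateway_url("http://gdcbghvjyqy7jclk.onion.top/"))
```

On the constructed trace both signatures fire, the persisted binary path comes out of the matching Run-key event, and the C2 resolves to the `.onion` host behind the `onion.top` gateway; blocking only the gateway domain leaves the same service reachable through any other gateway, so the normalised host is the IOC to keep.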

MITRE ATT&CK Enterprise v15

Tasks