General
-
Target
4cbec820272cc502e3c8af83dfe0cf57_gandcrab_JC.exe
-
Size
145KB
-
Sample
230820-ld6y7sfg5v
-
MD5
4cbec820272cc502e3c8af83dfe0cf57
-
SHA1
12a436cc38c370fe15f12c785f1968e7fc76325f
-
SHA256
1fdceb9c7594516b6eb1f586b1e5002ddc87a77f6e84f2ed6824234c0f90e9b5
-
SHA512
e3bbddd019a9e5ac07a8a095562d6066e6a018a4de8b39c0e02093493934c4323c4b3a8ef5ee39473a6d91c71f6097cdcd80ff6747cc4125ea0e9acc3e6dbcba
-
SSDEEP
3072:PYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:PyOqqDL64vdGREz
Malware Config
Targets
-
-
Target
4cbec820272cc502e3c8af83dfe0cf57_gandcrab_JC.exe
-
Size
145KB
-
MD5
4cbec820272cc502e3c8af83dfe0cf57
-
SHA1
12a436cc38c370fe15f12c785f1968e7fc76325f
-
SHA256
1fdceb9c7594516b6eb1f586b1e5002ddc87a77f6e84f2ed6824234c0f90e9b5
-
SHA512
e3bbddd019a9e5ac07a8a095562d6066e6a018a4de8b39c0e02093493934c4323c4b3a8ef5ee39473a6d91c71f6097cdcd80ff6747cc4125ea0e9acc3e6dbcba
-
SSDEEP
3072:PYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:PyOqqDL64vdGREz
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-