General
-
Target
961c5a33498bf70121cb9fd45636be25_gandcrab_JC.exe
-
Size
145KB
-
Sample
230825-rx229acf73
-
MD5
961c5a33498bf70121cb9fd45636be25
-
SHA1
ed0ffb0a3795dd048f55e30fa5da978342997828
-
SHA256
370c526f43aa745d73395d667b1a6784e782b212904263562602dccbe3a49cf1
-
SHA512
2189e9ecf39437d9030b5731b4ab61f3979169aeb65f6f5394699d5c37223c62c2d7566e3e77d45d1a6db79bb9711a02eb64ee51ca49f20592668da4580fd0bb
-
SSDEEP
3072:4YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:4yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
961c5a33498bf70121cb9fd45636be25_gandcrab_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
961c5a33498bf70121cb9fd45636be25_gandcrab_JC.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
961c5a33498bf70121cb9fd45636be25_gandcrab_JC.exe
Score
10/10
-
GandCrab payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-