General
-
Target
2023-08-26_0e7a5fba9f1bda3b203d34edb8f3d50b_gandcrab_JC.exe
-
Size
145KB
-
Sample
230917-mqgqhshf8x
-
MD5
0e7a5fba9f1bda3b203d34edb8f3d50b
-
SHA1
b7c274fe3867a2a928dc7c7071114de505710db2
-
SHA256
538668ac5bbf8ba9b26b4439d58e5cf06a74407667ab8922f93c5dab2c3d2dfc
-
SHA512
d295cfc6f25b7f3ff751526e545af748e70bfd15d5e5d10ee8ddc18b009d3f95e240872c70fd1983e67a3065e52ec7998a71b066245a434b6b097308f52989f4
-
SSDEEP
3072:wYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:wyOqqDL64vdGREz
Malware Config
Targets
-
-
Target
2023-08-26_0e7a5fba9f1bda3b203d34edb8f3d50b_gandcrab_JC.exe
-
Size
145KB
-
MD5
0e7a5fba9f1bda3b203d34edb8f3d50b
-
SHA1
b7c274fe3867a2a928dc7c7071114de505710db2
-
SHA256
538668ac5bbf8ba9b26b4439d58e5cf06a74407667ab8922f93c5dab2c3d2dfc
-
SHA512
d295cfc6f25b7f3ff751526e545af748e70bfd15d5e5d10ee8ddc18b009d3f95e240872c70fd1983e67a3065e52ec7998a71b066245a434b6b097308f52989f4
-
SSDEEP
3072:wYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:wyOqqDL64vdGREz
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-