General

  • Target

    NEAS.2023-09-09_0dced5452f93174e7832bff457231c73_gandcrab_JC.exe

  • Size

    73KB

  • Sample

    231022-kptycaeh2t

  • MD5

    0dced5452f93174e7832bff457231c73

  • SHA1

    e2cd5e538d8e05466e3f0b721f2f7faf7b95ef0c

  • SHA256

    e65bffc44504e64fceef51ae7fd3ad69eed318c678948dcee1dd0b8b04ff0acc

  • SHA512

    df9e14bd54d563ed4ff32c053cb59595385ae0477a8a4f53abd9c4fe2986802a6165d13abb7391403b0cffeab8266b5e68a6092692597a3344b09c4ae253eb98

  • SSDEEP

    1536:1gSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:1MSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      NEAS.2023-09-09_0dced5452f93174e7832bff457231c73_gandcrab_JC.exe

    Score
    6/10
    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
