gandcrab | 2a6f0b0ceefcd0f292bcbbfd4fe6ad9c3ddd2dee37521b93086417f18102db1a | Triage

Sharing

General

Target

04aba3724c6090d8df501b86be52080f.bin
Size

69KB
Sample

240225-bdd83shd95
MD5

04aba3724c6090d8df501b86be52080f
SHA1

0300fbdbdb9c4482ab85bf8e2dc1bea3954208e3
SHA256

2a6f0b0ceefcd0f292bcbbfd4fe6ad9c3ddd2dee37521b93086417f18102db1a
SHA512

95aa691fcbc605534b5be0455d3e25c6f07250f309203b03aa30aa7466b0c0582710864e756320b21ee305769b51256a167abce6999209094b48651ff536fba2
SSDEEP

1536:kZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:6BounVyFHpfMqqDL2/Lkvd

Score

10^/10

gandcrab persistence

Malware Config

Targets

- Target
  
  04aba3724c6090d8df501b86be52080f.bin
- Size
  
  69KB
- MD5
  
  04aba3724c6090d8df501b86be52080f
- SHA1
  
  0300fbdbdb9c4482ab85bf8e2dc1bea3954208e3
- SHA256
  
  2a6f0b0ceefcd0f292bcbbfd4fe6ad9c3ddd2dee37521b93086417f18102db1a
- SHA512
  
  95aa691fcbc605534b5be0455d3e25c6f07250f309203b03aa30aa7466b0c0582710864e756320b21ee305769b51256a167abce6999209094b48651ff536fba2
- SSDEEP
  
  1536:kZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:6BounVyFHpfMqqDL2/Lkvd
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2