General
-
Target
2024-03-22_17a07b0b9a3ddea449c1f2dcea2de29e_gandcrab
-
Size
145KB
-
Sample
240322-3czbeaac75
-
MD5
17a07b0b9a3ddea449c1f2dcea2de29e
-
SHA1
68e342c956b3aa54963e5010f43cedefc5e3c563
-
SHA256
bfd2896f95b4e4f0115654c666ce4e106268170ac2c8d5ecc3135c6bc9341f90
-
SHA512
4149c9a425df470c5232c5c9be669c5359a4d90bc690812cefae11ddbdc351c95da7a4ca4da42618f8450aab3554685d31cad06dca8ecb9ee0c2e105ed045c13
-
SSDEEP
3072:MYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:MyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-22_17a07b0b9a3ddea449c1f2dcea2de29e_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-22_17a07b0b9a3ddea449c1f2dcea2de29e_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-22_17a07b0b9a3ddea449c1f2dcea2de29e_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-