General
-
Target
2024-03-22_c8b9fc0c898c49205b9ce8ad0dedb60b_gandcrab
-
Size
145KB
-
Sample
240322-kkpg3ace6y
-
MD5
c8b9fc0c898c49205b9ce8ad0dedb60b
-
SHA1
3e8fba01796d8b9275486f1b2503ec01a28d30ad
-
SHA256
4cf38ac0fbb0bf738d40d64c5d58a9d97767fc1ad170d8efe582312ac778d91c
-
SHA512
aa9653b21df8a08407a0f0efe4f1a8a50b03c253709cdc88e7ed0b632e770fbd23b3782c9617471447758ad8ed719f039000ff53f355845ab37fe4064f0d9a04
-
SSDEEP
3072:TYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:TyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-22_c8b9fc0c898c49205b9ce8ad0dedb60b_gandcrab.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-03-22_c8b9fc0c898c49205b9ce8ad0dedb60b_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-22_c8b9fc0c898c49205b9ce8ad0dedb60b_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-