General
-
Target
2024-03-22_5013675b6f2413e42ca17ee6b67d642c_gandcrab
-
Size
145KB
-
Sample
240322-lj5ckacg7z
-
MD5
5013675b6f2413e42ca17ee6b67d642c
-
SHA1
a357e9b9fd243f3693a488f992114b2528feb019
-
SHA256
2a7907352b0e819f1be74fed5c630d481b87190fe3ce1e14f947e9fe2e5637f8
-
SHA512
5dbeaf052a9bdb1711a7354b0658cf0a530c3a918f6e6e2dbf75738b8b98cd2a2a649650dcab394a99e5035398cc6fe5e69fc561c55ea271abcf880a47d34703
-
SSDEEP
3072:EYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:EyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-22_5013675b6f2413e42ca17ee6b67d642c_gandcrab.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-03-22_5013675b6f2413e42ca17ee6b67d642c_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-22_5013675b6f2413e42ca17ee6b67d642c_gandcrab
-
Size
145KB
-
MD5
5013675b6f2413e42ca17ee6b67d642c
-
SHA1
a357e9b9fd243f3693a488f992114b2528feb019
-
SHA256
2a7907352b0e819f1be74fed5c630d481b87190fe3ce1e14f947e9fe2e5637f8
-
SHA512
5dbeaf052a9bdb1711a7354b0658cf0a530c3a918f6e6e2dbf75738b8b98cd2a2a649650dcab394a99e5035398cc6fe5e69fc561c55ea271abcf880a47d34703
-
SSDEEP
3072:EYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:EyOqqDL64vdGREz
Score10/10-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-