General
-
Target
2024-03-22_4abfbccf7a4fb933d987c70aaa941735_gandcrab
-
Size
145KB
-
Sample
240322-ljlv8acg7t
-
MD5
4abfbccf7a4fb933d987c70aaa941735
-
SHA1
ae0da7c9693fee7e5eb7b8577b030da83676cafc
-
SHA256
1e110c4c1bd515e76cf280ef2669778eb9665d8914800889f6c24d85c91b7202
-
SHA512
92404dc12a1e2a540c891b713973f608d5356330c7e114947cafc43b3346720f7a801f79c5634f98a2e3c110ad0a727333a7b01b976c2bc00746732a5dd54e91
-
SSDEEP
3072:LYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:LyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-22_4abfbccf7a4fb933d987c70aaa941735_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-22_4abfbccf7a4fb933d987c70aaa941735_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-22_4abfbccf7a4fb933d987c70aaa941735_gandcrab
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-