General
-
Target
2024-03-22_49734d17953ca5ef4e72e22c4a421d24_gandcrab
-
Size
88KB
-
Sample
240322-nsb4gsbd68
-
MD5
49734d17953ca5ef4e72e22c4a421d24
-
SHA1
855e6cf9a591e90b47e8cc77eb7da7e0eab8986a
-
SHA256
41265fc0a892fb1678d03c64ac3e0932a33390895abebbbd13c7d580f6d26198
-
SHA512
39b4e3ffb95a1609f4b6feb1431ad465a4935e16b1c1ee26479723a66b58ad75798f45458186a8eaffde6beb513763ab6d86cd978bd7be1a66a3ab3bbfcae0fb
-
SSDEEP
1536:4rsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:4jDX9pwzMqqDL2/mr3IdE8we0Avu5r+g
Behavioral task
behavioral1
Sample
2024-03-22_49734d17953ca5ef4e72e22c4a421d24_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-22_49734d17953ca5ef4e72e22c4a421d24_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
-
Target
2024-03-22_49734d17953ca5ef4e72e22c4a421d24_gandcrab
-
Score
6/10
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-