General

  • Target

    2024-03-22_49734d17953ca5ef4e72e22c4a421d24_gandcrab

  • Size

    88KB

  • Sample

    240322-nsb4gsbd68

  • MD5

    49734d17953ca5ef4e72e22c4a421d24

  • SHA1

    855e6cf9a591e90b47e8cc77eb7da7e0eab8986a

  • SHA256

    41265fc0a892fb1678d03c64ac3e0932a33390895abebbbd13c7d580f6d26198

  • SHA512

    39b4e3ffb95a1609f4b6feb1431ad465a4935e16b1c1ee26479723a66b58ad75798f45458186a8eaffde6beb513763ab6d86cd978bd7be1a66a3ab3bbfcae0fb

  • SSDEEP

    1536:4rsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:4jDX9pwzMqqDL2/mr3IdE8we0Avu5r+g

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    Score
    6/10

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
