General
-
Target
2024-03-22_d441f71209c6e540d383f986bb3cf6fd_gandcrab
-
Size
145KB
-
Sample
240322-q986naef2w
-
MD5
d441f71209c6e540d383f986bb3cf6fd
-
SHA1
721495b7c8dabecb37d660fdd55be86fe8df4ea9
-
SHA256
0ef81ab59de0d9e89c915bd0fb489cf34e6b23d61ce328e989e10b0d3dec877e
-
SHA512
0fcbdb5b8f6f8b62f0e8ee0d1b4f5647e163b23279756925a71cd3a8b2d94e6adf7a1f0385aefc3f9e8d9adf169dcba7ccaaee0356adf65955461bf6b574c826
-
SSDEEP
3072:WYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:WyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-22_d441f71209c6e540d383f986bb3cf6fd_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-22_d441f71209c6e540d383f986bb3cf6fd_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-03-22_d441f71209c6e540d383f986bb3cf6fd_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-