General

  • Target

    a9746c942c665567a9285df17f325506.bin

  • Size

    250KB

  • Sample

    240324-dp3rxsbf4x

  • MD5

    a9746c942c665567a9285df17f325506

  • SHA1

    6f0cfd31f2ec39051f7ccb3d9f5590e0d4a83bcb

  • SHA256

    f4bc6c510f2c555db083fa55b6c941c62e7e5e476dd020fe2ebd615d61bbdf1f

  • SHA512

    29b9f2bc73459d0cce9262a4e4bd72b3a5082cd8f7062687be757cffab6a42d4156d01b0707d61d97cf7ae4633fa86c03cd20dcb9e34b9d5ccc3d9b76a5e1143

  • SSDEEP

    6144:z+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:HOCjaklYgVIpxIhDtR

Targets

    • GandCrab payload

    • GandCrab

      GandCrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
