General
-
Target
2024-03-24_6fc70426ed3ea759c471c0c9abd39451_gandcrab
-
Size
145KB
-
Sample
240324-ef9dsahd64
-
MD5
6fc70426ed3ea759c471c0c9abd39451
-
SHA1
f4a7d2ef860c61b319645b933dcaa38ca2dfef88
-
SHA256
d4d3cc74d55ebcf8cea96df1092caa66660697b6223a3c765b365a682f9acc42
-
SHA512
6fe97428128e04ca3a5c920c4ca6fc3076d6fbaf23757d67748ef7f5509eeda9952ca142cb5b599775aa2fce60fe69e66b4eb9843664bbecc9dda4425b22447b
-
SSDEEP
3072:jYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:jyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-24_6fc70426ed3ea759c471c0c9abd39451_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-24_6fc70426ed3ea759c471c0c9abd39451_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-24_6fc70426ed3ea759c471c0c9abd39451_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-