General
-
Target
2024-03-24_cefa09f1cd3e0c5769daa8f61e50ab03_gandcrab
-
Size
145KB
-
Sample
240324-gn6zqsac68
-
MD5
cefa09f1cd3e0c5769daa8f61e50ab03
-
SHA1
8ddbb050794bbafe9582a235f9c37bf38ca3518c
-
SHA256
46feaaeb9987ea13a0d9babefaea0af71b076ab9e5a05ae762da64c2bf7b91d6
-
SHA512
3df4a6c3aafb6f41cab795ae4a5ec52ce63c5d8dbe52049a439e00ba49003b8d988d09dc7cb2dd615067bb8a5a30fd161628d97df845f356c2355251fad59ec9
-
SSDEEP
3072:lYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:lyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-24_cefa09f1cd3e0c5769daa8f61e50ab03_gandcrab.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-24_cefa09f1cd3e0c5769daa8f61e50ab03_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-24_cefa09f1cd3e0c5769daa8f61e50ab03_gandcrab
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-