General

  • Target

    2024-03-24_dfeb91b62a93a9b723001be955601a40_gandcrab

  • Size

    88KB

  • Sample

    240324-gp2reaac85

  • MD5

    dfeb91b62a93a9b723001be955601a40

  • SHA1

    bca256b6275343c38d97ab0a9343ef484daf7329

  • SHA256

    c82f95569e6dd09f94955b83ae11d6427b3db465703badc4aecd824de9fb6e45

  • SHA512

    ca21faa0526419d4c6555364610e15f1ca2afb518907bc1d927762ecc4317e9096e7c63753402a1c7e4912d384110aa3b1273ab563997ed9e2550afb445476b3

  • SSDEEP

    1536:zrsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:zjDX9pwzMqqDL2/mr3IdE8we0Avu5r+g

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/
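The hashes listed under General and the C2 URL above are the report's indicators of compromise. The following script, an added example and not part of the sandbox report, turns them into a small offline matcher: it computes the four digests the report lists for an arbitrary file or byte string and compares them to the report's values, and it scans proxy- or DNS-style log lines for the C2 hostname. The log lines are constructed for illustration, and treating the leftmost label of the hostname as the .onion service name (so that the same service reached through a different Tor2web gateway suffix is also flagged) is an assumption, not something the report states. SSDEEP fuzzy matching needs a third-party library and is deliberately left out.

```python
"""IOC matcher for the indicators on this report: the four file hashes and the C2 host.

Added example, not part of the sandbox report. Sample bytes and log lines
used below are constructed for illustration.
"""
import hashlib
import re
from urllib.parse import urlparse

# Indicators copied from the report above.
REPORT_IOCS = {
    "md5": "dfeb91b62a93a9b723001be955601a40",
    "sha1": "bca256b6275343c38d97ab0a9343ef484daf7329",
    "sha256": "c82f95569e6dd09f94955b83ae11d6427b3db465703badc4aecd824de9fb6e45",
    "sha512": (
        "ca21faa0526419d4c6555364610e15f1ca2afb518907bc1d927762ecc4317e90"
        "96e7c63753402a1c7e4912d384110aa3b1273ab563997ed9e2550afb445476b3"
    ),
}
REPORT_C2 = "http://gdcbghvjyqy7jclk.onion.top/"

HASH_ALGS = ("md5", "sha1", "sha256", "sha512")

# Constructed log lines (not from the report) in a generic "key=value" proxy format.
LOG_LINES = [
    "2024-03-24T10:02:11Z host=WS01 dst=gdcbghvjyqy7jclk.onion.top method=POST uri=/ status=200",
    "2024-03-24T10:02:15Z host=WS01 dst=www.example.com method=GET uri=/ status=200",
    "2024-03-24T10:03:01Z host=WS02 dst=GDCBGHVJYQY7JCLK.onion.to method=POST uri=/ status=200",
]


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests for the algorithms the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in HASH_ALGS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file on disk in chunks so large samples do not have to fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in HASH_ALGS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_hashes(digests: dict, iocs: dict) -> list:
    """Return the sorted list of algorithms whose digest equals the IOC value.

    Comparison is case-insensitive; a hit on any one algorithm is a positive,
    since all four hashes identify the same file.
    """
    return sorted(alg for alg, d in digests.items() if iocs.get(alg, "").lower() == d.lower())


def find_c2_hits(log_lines: list, c2_url: str) -> list:
    """Return (line_index, matched_host) for every log line that names the C2 host.

    Assumption (see lead-in): the leftmost label of the C2 hostname is the .onion
    service name, so a token whose first label equals it is also flagged. That
    catches the same service reached via another Tor2web gateway suffix.
    """
    host = urlparse(c2_url).hostname.lower()
    onion_label = host.split(".")[0]
    hits = []
    for i, line in enumerate(log_lines):
        for token in re.findall(r"[a-z0-9.-]+", line.lower()):
            labels = token.split(".")
            if token == host or (len(labels) > 1 and labels[0] == onion_label):
                hits.append((i, token))
                break
    return hits


if __name__ == "__main__":
    # Constructed input: these bytes are not the sample, so no hash should match.
    print("hash hits:", match_hashes(hash_bytes(b"constructed, not the sample"), REPORT_IOCS))
    print("c2 hits:", find_c2_hits(LOG_LINES, REPORT_C2))
```

Running it against a real suspect file would be `match_hashes(hash_file(path), REPORT_IOCS)`; any non-empty result means the file is byte-identical to the reported sample. Note that an exact-hash match is a strong positive but a weak negative: a repacked or re-encrypted GandCrab build has different digests, which is exactly why the report also carries a fuzzy SSDEEP value and behavioural signatures.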

Targets

    • Target

      2024-03-24_dfeb91b62a93a9b723001be955601a40_gandcrab

    • Size

      88KB

    • MD5

      dfeb91b62a93a9b723001be955601a40

    • SHA1

      bca256b6275343c38d97ab0a9343ef484daf7329

    • SHA256

      c82f95569e6dd09f94955b83ae11d6427b3db465703badc4aecd824de9fb6e45

    • SHA512

      ca21faa0526419d4c6555364610e15f1ca2afb518907bc1d927762ecc4317e9096e7c63753402a1c7e4912d384110aa3b1273ab563997ed9e2550afb445476b3

    • SSDEEP

      1536:zrsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:zjDX9pwzMqqDL2/mr3IdE8we0Avu5r+g

    Score
    6/10
    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
