General
-
Target
2024-03-24_b5c13861a3916e521717f3d332423c84_gandcrab
-
Size
73KB
-
Sample
240324-pzf7fsfe5w
-
MD5
b5c13861a3916e521717f3d332423c84
-
SHA1
f3623f0f4f27919e88eb96191a84efda69269694
-
SHA256
03b659397f4c043aa70084226ffe6874714bdfd8e5cd0126ecd026e8a7059da1
-
SHA512
d98dfbcc098e3f1ff9e53a04d195a9ca022a891e1582160d5dcba8810b1f0bd8bf6bf273f64d6ffe21a1f4bd71afcaddb94d604a672d32a96c4e4d7e193c258b
-
SSDEEP
1536:5R55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5F:5ZMSjOnrmBTMqqDL2/mr3IdE8we0Avun
Behavioral task
behavioral1
Sample
2024-03-24_b5c13861a3916e521717f3d332423c84_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-24_b5c13861a3916e521717f3d332423c84_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
Target
2024-03-24_b5c13861a3916e521717f3d332423c84_gandcrab
Score
6/10
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-