General
-
Target
2024-03-28_3087be3e05d2290671d8ecb58087f1c2_gandcrab
-
Size
145KB
-
Sample
240328-e47j4aec21
-
MD5
3087be3e05d2290671d8ecb58087f1c2
-
SHA1
24a7e21a21169d0e5cc067fc263062817dab656a
-
SHA256
70bd85e3c9857fb6b7b4ee926e702390b9f3beffc2a3533dd06331dcc3950432
-
SHA512
da3e3dcdca6e1b8c15b6c551d965f27f3e6d751c22779ccebcca241ac2f60ed3c6f080bfb463fd3716760e0c1f1f6b34c09d01fa9cb245fed9013c83a5ae9447
-
SSDEEP
3072:zYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:zyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-28_3087be3e05d2290671d8ecb58087f1c2_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_3087be3e05d2290671d8ecb58087f1c2_gandcrab.exe
Resource
win10v2004-20240319-en
Malware Config
Targets
-
-
Target
2024-03-28_3087be3e05d2290671d8ecb58087f1c2_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-