General
-
Target
2024-03-28_4e41eb430c51451b201d2d865e434f2c_gandcrab
-
Size
145KB
-
Sample
240328-e77dhabh78
-
MD5
4e41eb430c51451b201d2d865e434f2c
-
SHA1
8a5a67a7873ddb845211bf497656fd64e8def9ce
-
SHA256
02030f412a5d84d577d2a3fb5f9594e73d204964dbbb9cfbcc8400671307d061
-
SHA512
90b3b7cbc0d9db91dca769ff3aa8e1d7dad33f0c75b4ec12a3b97f70281f738a6a1bdda8672de91ef028b5e6e136582d749a83b6afc98077c1bae6d2af8d9988
-
SSDEEP
3072:8YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:8yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-28_4e41eb430c51451b201d2d865e434f2c_gandcrab.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-03-28_4e41eb430c51451b201d2d865e434f2c_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-28_4e41eb430c51451b201d2d865e434f2c_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-