General
Target: 2024-03-28_9a6040a20bcd4db39c27111b21b78cca_gandcrab
Size: 145KB
Sample: 240328-fe2szsca58
MD5: 9a6040a20bcd4db39c27111b21b78cca
SHA1: 16f9ce5fe8d0bcc9f6e9a79af0b66fd90dd9c4dd
SHA256: 63ac3112836f61c462205aacc98a9339db102d1bfaa1b8c543e1497335d0d9ea
SHA512: 39e274007fcb56d32ceaca06ce6932cd9765576fab1016e36848d51dc34f38b7f07d7403b41f8b1e8240a630cb2e01d6b4f8f86a8ca066fd826dc68de5190b96
SSDEEP: 3072:HYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:HyOqqDL64vdGREz

Behavioral task: behavioral1
Sample: 2024-03-28_9a6040a20bcd4db39c27111b21b78cca_gandcrab.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-03-28_9a6040a20bcd4db39c27111b21b78cca_gandcrab.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.