General
-
Target
2024-03-28_f5bac72d3156ba785bda3f1055cef28c_gandcrab
-
Size
145KB
-
Sample
240328-fn18taed7w
-
MD5
f5bac72d3156ba785bda3f1055cef28c
-
SHA1
21fcd82e436725f6f5569d86f5d6f461650a3e14
-
SHA256
99fd5b2f73b2267e950c62a267ba70bd7234779481f5c20af0eb7ec1a2538e8e
-
SHA512
7bee8413d9b1467384a64289aa97cb6a2f00bcbf6e1454350d2120809fb5af572622d38fa5bd85e56df455c32038a6688fdaf546f8a3a49c5f72c6b69f4708ba
-
SSDEEP
3072:0YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:0yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-28_f5bac72d3156ba785bda3f1055cef28c_gandcrab.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-28_f5bac72d3156ba785bda3f1055cef28c_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-