General
Target: 2024-03-28_e2d01f7df446125f8a27e58b1607ed74_gandcrab
Size: 145KB
Sample: 240328-r9b2lagh7x
MD5: e2d01f7df446125f8a27e58b1607ed74
SHA1: fe308e1096065e3992beaf07f7d1ccaa26538063
SHA256: 68faaf91231e8e902ee90545a5d3cd517f0e0d5b190327a70d6b12c6975c4eea
SHA512: 48e9bf96053b70bffa468ed0127124a8d8f68bacec4fc178b823950c9cd0bba34ac1764054bb1b3ad3acb4c1c1104a1d448d53b61b2be20cecfbc9c74b0a5d01
SSDEEP: 3072:BYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:ByOqqDL64vdGREz
Behavioral task: behavioral1
Sample: 2024-03-28_e2d01f7df446125f8a27e58b1607ed74_gandcrab.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: 2024-03-28_e2d01f7df446125f8a27e58b1607ed74_gandcrab.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-28_e2d01f7df446125f8a27e58b1607ed74_gandcrab
Score: 10/10
GandCrab payload
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.