General
-
Target
2024-03-28_26a1fb16a36cec5ee11754b470160dc0_gandcrab
-
Size
145KB
-
Sample
240328-v2md5sbg5z
-
MD5
26a1fb16a36cec5ee11754b470160dc0
-
SHA1
fa75cbb547970633c2d807781e9b541378cec8aa
-
SHA256
3d74ae4ffa6d5905543aaec5acdaa0f817024ae4b1bbdd5c93ac39bfe42528e4
-
SHA512
25ed78430f0a9cce1db14739d6c6e151d4f6a40e7d18602e36916a222dc6606574f465aaa54c4343cac604e00f9c4ab06c9a5da99f532a9b72c3a87e2e378f41
-
SSDEEP
3072:5YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:5yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-28_26a1fb16a36cec5ee11754b470160dc0_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_26a1fb16a36cec5ee11754b470160dc0_gandcrab.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-03-28_26a1fb16a36cec5ee11754b470160dc0_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-