General
-
Target
2024-03-29_54b402e258950f3031ec2e67e145f47d_gandcrab
-
Size
145KB
-
Sample
240329-1fc68sba87
-
MD5
54b402e258950f3031ec2e67e145f47d
-
SHA1
b6a7b3d566f876b7a5978684fa87a02e42ef4012
-
SHA256
9c97d7ea56a77b25dcd88da2e2ce510a7e4c2fd53f15e79f5e574afd1485e052
-
SHA512
ea204217eb77e6f65c5634fbfdd5b931ead7652e62478a9fa1186cdf25f079981d614a7d8aca0873435aeadfdccc8e4ff4126eb7f38a5343aafd81596290bed5
-
SSDEEP
3072:9YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:9yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-29_54b402e258950f3031ec2e67e145f47d_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-29_54b402e258950f3031ec2e67e145f47d_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-