General
-
Target
2024-03-29_c46101d15ddec6f094e9ecbcf1e96cc2_gandcrab
-
Size
145KB
-
Sample
240329-el7r5shh38
-
MD5
c46101d15ddec6f094e9ecbcf1e96cc2
-
SHA1
ef36923136b941410c9df6018064321f05c5152c
-
SHA256
8f373d2540c9e167dc712638aa59e1f0cb8726d0a2428fe8272e0e32109b24c0
-
SHA512
b71d42ad0a79d4c3bf15c76ba52c718873508f7196ff442b295add366d0876b739c38681c080fe5d68ad7878b21371c9094d46c42d25ec105eb33768869d4b25
-
SSDEEP
3072:aYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:ayOqqDL64vdGREz
Malware Config
Targets
-
-
Target
2024-03-29_c46101d15ddec6f094e9ecbcf1e96cc2_gandcrab
-
Size
145KB
-
MD5
c46101d15ddec6f094e9ecbcf1e96cc2
-
SHA1
ef36923136b941410c9df6018064321f05c5152c
-
SHA256
8f373d2540c9e167dc712638aa59e1f0cb8726d0a2428fe8272e0e32109b24c0
-
SHA512
b71d42ad0a79d4c3bf15c76ba52c718873508f7196ff442b295add366d0876b739c38681c080fe5d68ad7878b21371c9094d46c42d25ec105eb33768869d4b25
-
SSDEEP
3072:aYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:ayOqqDL64vdGREz
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-