General
-
Target
2024-03-31_6c20fe56875db2ab701d909fbc5f8b5f_gandcrab
-
Size
145KB
-
Sample
240331-2enr1sdh9y
-
MD5
6c20fe56875db2ab701d909fbc5f8b5f
-
SHA1
59cfb88ba984ae3fcd54a4bb5cad91653116d6cd
-
SHA256
2e7db5a134e772eb498366480cb0a2c1fbf5dd9aa4538d1226b4b34e4999596a
-
SHA512
f9511e7f454137d73139225b20be86145b9dd81186cc329b2459dfa15db2b43b2468d008042a2e9a004dd66de1bc3f8622f65108c752c05628495238fe2fef50
-
SSDEEP
3072:QYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:QyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-31_6c20fe56875db2ab701d909fbc5f8b5f_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-31_6c20fe56875db2ab701d909fbc5f8b5f_gandcrab.exe
Resource
win10v2004-20240319-en
Malware Config
Targets
-
-
Target
2024-03-31_6c20fe56875db2ab701d909fbc5f8b5f_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-