General
-
Target
2024-03-31_137c86403a98502e8f6c24303f1f66b7_gandcrab
-
Size
145KB
-
Sample
240331-pn91dsbh58
-
MD5
137c86403a98502e8f6c24303f1f66b7
-
SHA1
af62de7085a48641ffb63a6d7c33e5bd594c2ac9
-
SHA256
9ff8db4141ece0167605fa4e78394a9226f53de0b8ae55438cb74e53a2e3c301
-
SHA512
1f3be43319e8e5a647b9d214f072998972c8e0e5a3eaac0401f6487759a2bd542b3f06b95fa74030dd0907ed04554b031642ab6ae97f6a575ed0fd76f1883be7
-
SSDEEP
3072:JYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:JyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-31_137c86403a98502e8f6c24303f1f66b7_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-31_137c86403a98502e8f6c24303f1f66b7_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-31_137c86403a98502e8f6c24303f1f66b7_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-