General
-
Target
2024-03-31_81fd8df6ec154ff0f15aef43dcd34e38_gandcrab
-
Size
145KB
-
Sample
240331-x9pkksaf58
-
MD5
81fd8df6ec154ff0f15aef43dcd34e38
-
SHA1
068e6468feb54d118a845f6bfe62bca13e9a7ddb
-
SHA256
b7353d68d2b59a1c6729d29f19d3de475c288f262c5b97de7b948e8c40a4c7df
-
SHA512
5c81eaa11e1c4dea679d6ab808f7641cd03703e60f23c4ab735b43edbca5127a1028351f9fc1feabb0925a842cfed588a5ed8e63c7a90bd89f943541197915d7
-
SSDEEP
3072:yYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:yyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-03-31_81fd8df6ec154ff0f15aef43dcd34e38_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-31_81fd8df6ec154ff0f15aef43dcd34e38_gandcrab.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-