General
Target: 2024-04-01_37d52a54a219787a9bf6b03dc288733f_gandcrab
Size: 145KB
Sample: 240401-f8gpxafb48
MD5: 37d52a54a219787a9bf6b03dc288733f
SHA1: 2c9758cc6b23474e29ee7530607b2c6ba872de27
SHA256: 4347808b261e1502ea246e1963b7c544164f48b4ac9a81dd62f066e3628b45cd
SHA512: e5b15bf8f3248209b5b874bd0a53425f043a56d3419b4db7ffaa8934f5321f89a3475749e4cc3363adee3b65607e62f5dda21c63d2358cb95e30feb76a704dc5
SSDEEP: 3072:2YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:2yOqqDL64vdGREz
Behavioral task: behavioral1
Sample: 2024-04-01_37d52a54a219787a9bf6b03dc288733f_gandcrab.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-01_37d52a54a219787a9bf6b03dc288733f_gandcrab.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.