Overview

overview

10

Static

static

10

2024-04-08...ab.exe

windows7-x64

6

2024-04-08...ab.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-04-08_075415d516d7a578491f8d28b1b7fcf5_gandcrab

  • Size

    83KB

  • Sample

    240409-r97hhadd3s

  • MD5

    075415d516d7a578491f8d28b1b7fcf5

  • SHA1

    a7bdbb74c5cd9449c2670961ebc82de155b7c221

  • SHA256

    6530d78f0be28fc071f113f091d6c5c57eb854513ec9a9a3fdd4c68cc2fc8940

  • SHA512

    b74ec72cc5136447fc1b8de7871df3b88737fa3a3a1b890addc06aacb65266a84ae6b966447ad065a9200abd7aa5f444609f2046ad0f1df91ea39307141fa2b1

  • SSDEEP

    1536:j55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:/MSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

Score
10/10
gandcrabpersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-04-08_075415d516d7a578491f8d28b1b7fcf5_gandcrab

    • Size

      83KB

    • MD5

      075415d516d7a578491f8d28b1b7fcf5

    • SHA1

      a7bdbb74c5cd9449c2670961ebc82de155b7c221

    • SHA256

      6530d78f0be28fc071f113f091d6c5c57eb854513ec9a9a3fdd4c68cc2fc8940

    • SHA512

      b74ec72cc5136447fc1b8de7871df3b88737fa3a3a1b890addc06aacb65266a84ae6b966447ad065a9200abd7aa5f444609f2046ad0f1df91ea39307141fa2b1

    • SSDEEP

      1536:j55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:/MSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks