General
Target: 2024-04-10_158a97780876095eaa18287099a52aad_gandcrab
Size: 88KB
Sample: 240410-dzzg9acf42
MD5: 158a97780876095eaa18287099a52aad
SHA1: a4f17b04ed0e4f92b8b211c3b6ac57859b2108ef
SHA256: 6343175864006d51930f87256483a4f9f5798a13a9a1c5dfcc712f64dedbb71b
SHA512: d90bc034bcc0c3bbf548904381afa3728efe19fa807f9b246e2e9c752e5a8bafd29c2613691db01cdf3265f4943a7907e137f17ed6ea204f1d2264919221be32
SSDEEP: 1536:8rsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:8jDX9pwzMqqDL2/mr3IdE8we0Avu5r+g
Behavioral task: behavioral1
Sample: 2024-04-10_158a97780876095eaa18287099a52aad_gandcrab.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-10_158a97780876095eaa18287099a52aad_gandcrab.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
Target
2024-04-10_158a97780876095eaa18287099a52aad_gandcrab
Score 6/10
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.