General
-
Target
2024-04-19_2323bb0b432a285541f9872f7e23110e_gandcrab
-
Size
145KB
-
Sample
240419-f5nztaba4x
-
MD5
2323bb0b432a285541f9872f7e23110e
-
SHA1
91bf605ded19cf9fa19b4974a69105490ee4e098
-
SHA256
11fbb1da29c5631328160a3b491fd0c1cc577b429d2cf5d255812b0beb10c081
-
SHA512
0d1b4f871822afe46981bb263978ca33beb4b36e3f97bbf190020de96b9e2adf93724617aeec0d299d610936fde025701e9c07048e3b496167dc19a82d69d3bc
-
SSDEEP
3072:pYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:pyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-04-19_2323bb0b432a285541f9872f7e23110e_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-19_2323bb0b432a285541f9872f7e23110e_gandcrab.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-19_2323bb0b432a285541f9872f7e23110e_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-