General
-
Target
2024-04-19_54f168fe6d0a3fec2f86d1f0e808ce1a_gandcrab
-
Size
145KB
-
Sample
240419-f8a75aaa87
-
MD5
54f168fe6d0a3fec2f86d1f0e808ce1a
-
SHA1
054cce3a8add2d8349377dd96e8868234c13104c
-
SHA256
bbde78565c9f89b5c48a0ebb8d660b92008d39f2d8c512dcdf3929f919309367
-
SHA512
e8d586ed00c9c181c82fd4076cfbdc844a491e92be8375a8f6c7b633698d4a4c7ee66fb3f999cb86660c781b70e46ec0a7d42cd412adf2e1d5a2b0790425d28b
-
SSDEEP
3072:2YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:2yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-04-19_54f168fe6d0a3fec2f86d1f0e808ce1a_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-19_54f168fe6d0a3fec2f86d1f0e808ce1a_gandcrab.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-19_54f168fe6d0a3fec2f86d1f0e808ce1a_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-