General
-
Target
2024-04-20_d4c9113e25cc650cc67e723e184364b4_gandcrab
-
Size
145KB
-
Sample
240420-endxvagg61
-
MD5
d4c9113e25cc650cc67e723e184364b4
-
SHA1
83fd7aabff88ff5f99b4e0e618919713c613a923
-
SHA256
c028a18093381ae06556ca6c453012e6540cbb25b09cdbea4e624a99ba48eb63
-
SHA512
a5e0552efb5cf279d6e0dba1c0e4726b64e0354d992c4c2d8e0fdd422bb86c8f5652221e3878a008e4ac836bb0a64a5d594badfc469a8bc4eb375a0d73569472
-
SSDEEP
3072:bYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:byOqqDL64vdGREz
Malware Config
Targets
-
-
Target
2024-04-20_d4c9113e25cc650cc67e723e184364b4_gandcrab
-
Size
145KB
-
MD5
d4c9113e25cc650cc67e723e184364b4
-
SHA1
83fd7aabff88ff5f99b4e0e618919713c613a923
-
SHA256
c028a18093381ae06556ca6c453012e6540cbb25b09cdbea4e624a99ba48eb63
-
SHA512
a5e0552efb5cf279d6e0dba1c0e4726b64e0354d992c4c2d8e0fdd422bb86c8f5652221e3878a008e4ac836bb0a64a5d594badfc469a8bc4eb375a0d73569472
-
SSDEEP
3072:bYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:byOqqDL64vdGREz
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-