General
-
Target
2024-04-20_0398edf6ca0af26c6f114734d7994d25_gandcrab
-
Size
145KB
-
Sample
240420-f36rvaac9s
-
MD5
0398edf6ca0af26c6f114734d7994d25
-
SHA1
9ee1d97085b8f6e879c6a137d4fddbeb0db7b6ac
-
SHA256
a1fd9429a57083efbde0d839ca2e364d18835b388717fb865f6d6293ee2f8263
-
SHA512
3c6e32ebfba981107f1e051675c42bf45ef3b57a5f0493a808611f6525fe3ac9cacf98c08060ae3c340d4f32b678b8312c65fd548c68514cb2f450349c1203ac
-
SSDEEP
3072:LYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:LyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-04-20_0398edf6ca0af26c6f114734d7994d25_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-20_0398edf6ca0af26c6f114734d7994d25_gandcrab.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-20_0398edf6ca0af26c6f114734d7994d25_gandcrab
-
Score 10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-