General
-
Target
2024-04-23_102077a54c27599936d2c01af35cdb9c_gandcrab
-
Size
145KB
-
Sample
240423-h9m97aed88
-
MD5
102077a54c27599936d2c01af35cdb9c
-
SHA1
e14d447135ef2773eb0704841d52e2ef400cbac7
-
SHA256
eef7567ed7df21291ba1bb9236cc32003bf952ea2335ad6783645f9e09cf7e3d
-
SHA512
bbea0d93624334ff38cc9e629cad28f72c5d4049cfbb6e4399ab6464b81cccff31f93259ea3bd2eb352546d60fe5b5ec890137473f15e22548c5170f4fae8009
-
SSDEEP
3072:NYHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:NyOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-04-23_102077a54c27599936d2c01af35cdb9c_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-23_102077a54c27599936d2c01af35cdb9c_gandcrab.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
2024-04-23_102077a54c27599936d2c01af35cdb9c_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-