General
Target
2024-04-23_5e6590779747976a2bf4f28d95f88ab7_gandcrab
Size
145KB
Sample
240423-jec2eaee57
MD5
5e6590779747976a2bf4f28d95f88ab7
SHA1
445a22610ba13c87c9d8607a1b6afb8af9ef26dd
SHA256
1f04a3308693aa17ac1e8dfc42e9852ee0083acc0b40b83af06823ccebc7ce61
SHA512
e5a89f06e8aaf3227f3087f8c65ce11d72d3af8eb5a1d421a9246a3add4fb77a541fc28b5186db5f988112c755b1e0f8be95d6f833f427170f10d84fc333c575
SSDEEP
3072:7YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtN:7yOqqDL64vdGREz
Behavioral task
behavioral1
Sample
2024-04-23_5e6590779747976a2bf4f28d95f88ab7_gandcrab.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-23_5e6590779747976a2bf4f28d95f88ab7_gandcrab.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Target
2024-04-23_5e6590779747976a2bf4f28d95f88ab7_gandcrab
Score
10/10
GandCrab payload
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.