General
Target: 2024-04-25_513b95535cfc824a652deb9744aad192_gandcrab
Size: 73KB
Sample: 240425-e7g4lsfe6w
MD5: 513b95535cfc824a652deb9744aad192
SHA1: c1ef7011802a7b417da6b295d32d6539aaa9d756
SHA256: 404d82c91f3dbe5afdafd8d828ae34f4da11247ca91625fb5eebaeeb35037739
SHA512: 884f1603b4c03cc411f225c364401c56f1bf1fd720c45401dbf68edc7cc8a37c2f75d96afaa1eb694abae83c140cc5f8c579cbaa0f2e70a21253dd2ca2ab8c96
SSDEEP: 1536:OzzzzzzzzV9rXounVZ8hbHnAXMqqUM2Lkvd6g:sBounVWFHCMqqMLkvdb
Behavioral task: behavioral1
Sample: 2024-04-25_513b95535cfc824a652deb9744aad192_gandcrab.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-04-25_513b95535cfc824a652deb9744aad192_gandcrab.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-25_513b95535cfc824a652deb9744aad192_gandcrab
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.