General
Target: 2024-04-25_6e055eecee23091c4c25d632b368b23d_gandcrab
Size: 73KB
Sample: 240425-eb3ensef87
MD5: 6e055eecee23091c4c25d632b368b23d
SHA1: 1f5e979c08df3dc75be0a561a7b2d012ea8fb1fb
SHA256: 91517577b350641c042dede81ab08707a3b2686fbffc5b62f1a4baf06755e295
SHA512: 443e138a2f1745eb5714ae31a0f04038647e5cbac59b1618ffa50af92de7bed1a5972dd03992ccb8d84b3a70e4b298b784c80424e4c0ae5270449a51e1f919af
SSDEEP: 1536:mzzzzzzzzV9rXounVZ8hbHnAXMqqUM2Lkvd6g:EBounVWFHCMqqMLkvdb
Behavioral task: behavioral1
Sample: 2024-04-25_6e055eecee23091c4c25d632b368b23d_gandcrab.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-25_6e055eecee23091c4c25d632b368b23d_gandcrab.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-25_6e055eecee23091c4c25d632b368b23d_gandcrab
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.