gandcrab | d27d441fb8c116418aa3f59da7bb4e29e82db15a83d7d52c837de33d7abab421 | Triage

Submit
Reports

Overview

overview

Static

static

00e7b0385d...18.exe

windows7-x64

Sharing

General

Target

240426-x2dhcaad62_pw_infected.zip
Size

34KB
Sample

240426-x6mxksbd4z
MD5

60ffa089286ac8581d3d94304ed3386f
SHA1

14b7c668be9ee476e66a12f9b84317e3656bc809
SHA256

d27d441fb8c116418aa3f59da7bb4e29e82db15a83d7d52c837de33d7abab421
SHA512

4dfc5031b108492cb01d985f2b00eb347fea126f66957a8868c5afb1cf800663ff1b53d2e2f2c26a9df9f70151a3c312fd0cc8c240df0a68d9dca4c6fd5e4442
SSDEEP

768:DuWofymDykCfmjYMEmoOGJHYjrQ0IuiPhdczrxx91lmOeEJg:iK+JBjYMBoT5+00tiPvcvb9qT

Score

10^/10

gandcrab backdoor ransomware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

00e7b0385d86046c8c210fbebb8e8eb8_JaffaCakes118.exe

Resource

win7-20240221-en

gandcrab backdoor ransomware

windows7-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  00e7b0385d86046c8c210fbebb8e8eb8_JaffaCakes118
- Size
  
  69KB
- MD5
  
  00e7b0385d86046c8c210fbebb8e8eb8
- SHA1
  
  1c29187224db369fc48a2c0e0432ed4344af76b6
- SHA256
  
  c426e4379a205f28281eadcf5d3ae77692ce92a21c3e50c1bad75b62f33b78e8
- SHA512
  
  637dc8868582a6c8da82aefd496f65d4a7a5e7ac6bd339daa93bd793c0df2c6397c8c77f6cd642ac517664e5d6a444c6889366fdcb2172cadc293372b237f450
- SSDEEP
  
  1536:tZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAmMqqU+2bbbAV2/S2Lccu:RBounVyFHjMqqDL2/Lcc
Score

10^/10

gandcrab backdoor ransomware
- GandCrab payload
- Gandcrab
  Gandcrab is a Trojan horse that encrypts files on a computer.
  ransomware backdoor gandcrab
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

gandcrabbackdoorransomware

© 2018-2024

Terms | Privacy