General
-
Target
2024-05-02_40c5646c299c199ff1bed5b3e785d53b_gandcrab
-
Size
97KB
-
Sample
240502-y7ywxafa5x
-
MD5
40c5646c299c199ff1bed5b3e785d53b
-
SHA1
da0b60da1dbf1548569b4c53755ad431497dde4c
-
SHA256
f75f0e20db19d7117b58e33ce2b2a359ef9d4b7198bcc48aad7ab8b4151e273c
-
SHA512
a05c28df4a635de831b2b6a6a74ed546383b9cdd1edefcd8fe045d955e10b27c1a3594f20f6b634fd2fe2ff0c17dbc80580076da421f3231b92a8c0a5d7df35e
-
SSDEEP
1536:DZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:TBounVyFHFMqqDL2/LgHkc2
Behavioral task
behavioral1
Sample
2024-05-02_40c5646c299c199ff1bed5b3e785d53b_gandcrab.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-05-02_40c5646c299c199ff1bed5b3e785d53b_gandcrab.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
Target
2024-05-02_40c5646c299c199ff1bed5b3e785d53b_gandcrab
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
UPX dump on OEP (original entry point)
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-