General
-
Target
2024-06-15_3c996d084d9ea81bbf7d8a3482be2732_gandcrab
-
Size
97KB
-
Sample
240615-w9e6ga1arf
-
MD5
3c996d084d9ea81bbf7d8a3482be2732
-
SHA1
22adae3ee88dabb3d06a8a5907a580b796f49300
-
SHA256
5e217b304848ca933e10ce2e0c6db202bbbec0ea37ecbe3df0544b4412167227
-
SHA512
a6aef88c3c70153d091135153de9c8c1572c8a0d790e35a667b87dced233c208356a17a918a5efd2ab05060e671056d13081dc780988e3f3defd1709d06511eb
-
SSDEEP
1536:XZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAlMqqU+2bbbAV2/S2LNmHkf:fBounVyFHkMqqDL2/LgHkctc
Behavioral task
behavioral1
Sample
2024-06-15_3c996d084d9ea81bbf7d8a3482be2732_gandcrab.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-15_3c996d084d9ea81bbf7d8a3482be2732_gandcrab.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
2024-06-15_3c996d084d9ea81bbf7d8a3482be2732_gandcrab
Score 10/10
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
UPX dump on OEP (original entry point)
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-