General
Target: 2024-07-09_2f51af4b19174d130e062eb837de8bc3_gandcrab
Size: 73KB
Sample: 240709-ykhamstfjg
MD5: 2f51af4b19174d130e062eb837de8bc3
SHA1: ce1e675d9a25d6eff2f8336629a6ffdb23e02c8c
SHA256: 46385dbadfad2fb50a8a3eb545d6b9c81a40d661b98c120d8761aaa432827bfc
SHA512: 3b66b9666921e9b3a2f6595424d4b1907279c6276524a315a033e081e347a2d7ca54ef375a00192059bb20759d98abd5714c6fd676084fc49fbfe85f5dec17f4
SSDEEP: 1536:O55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:EMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F
Behavioral task: behavioral1
Sample: 2024-07-09_2f51af4b19174d130e062eb837de8bc3_gandcrab.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2024-07-09_2f51af4b19174d130e062eb837de8bc3_gandcrab.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
Target: 2024-07-09_2f51af4b19174d130e062eb837de8bc3_gandcrab
Score: 6/10
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.