General
Target: 2024-07-10_214c2e3f0bb58b09e29b60f16f3d1a36_gandcrab
Size: 77KB
Sample: 240710-qp6j2asfne
MD5: 214c2e3f0bb58b09e29b60f16f3d1a36
SHA1: 5804c85e049e2f4d38db48db904fd67de0d4bfa3
SHA256: 9c965b6f79096fddbb391e8713c2fb22b011b95a001efcab6098acecc6abcc13
SHA512: e59b0ae4802ff78a7a46c77052407254906164d448f1155bc59a6db569e3755c38d3996126ea05356e8168897a42d682f8672915923d9f11cacc9c5257e1cfb3
SSDEEP: 1536:0gSeGDjnjhnwjyB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv9:0MSjVneyBbMqqMmr3IdE8we0Avu5r++X
Behavioral task: behavioral1
Sample: 2024-07-10_214c2e3f0bb58b09e29b60f16f3d1a36_gandcrab.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2024-07-10_214c2e3f0bb58b09e29b60f16f3d1a36_gandcrab.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
Target: 2024-07-10_214c2e3f0bb58b09e29b60f16f3d1a36_gandcrab
Score: 10/10
GandCrab payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.