General

  • Target

    2024-07-25_b7a10849ed207e4f92b3adba8b439192_gandcrab

  • Size

    73KB

  • Sample

    240725-3dl3ga1gqp

  • MD5

    b7a10849ed207e4f92b3adba8b439192

  • SHA1

    abfce8956a087f1481c424695bd51480ab9a0d6c

  • SHA256

    a55259c6454293f41a20b053c8cf4b850bd85c7eedcd0571ade158c08469008a

  • SHA512

    170e958f246fbdbcc79a1da37ba2e31372fab6c33b25f52737d5f4d53fd8ae33ef1972eddd46d9c37b7667cafe97b24a84d3d3cddd90d6bcbe431d58031300bb

  • SSDEEP

    1536:y55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:IMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-07-25_b7a10849ed207e4f92b3adba8b439192_gandcrab

    • Size

      73KB

    • MD5

      b7a10849ed207e4f92b3adba8b439192

    • SHA1

      abfce8956a087f1481c424695bd51480ab9a0d6c

    • SHA256

      a55259c6454293f41a20b053c8cf4b850bd85c7eedcd0571ade158c08469008a

    • SHA512

      170e958f246fbdbcc79a1da37ba2e31372fab6c33b25f52737d5f4d53fd8ae33ef1972eddd46d9c37b7667cafe97b24a84d3d3cddd90d6bcbe431d58031300bb

    • SSDEEP

      1536:y55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:IMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks