General

  • Target

    e461a7bb19b100bdac1f277a678ade00N.exe

  • Size

    176KB

  • Sample

    240725-vm4d4sshpr

  • MD5

    e461a7bb19b100bdac1f277a678ade00

  • SHA1

    39a52dba71a62976d6ad595bb96461300c5d52e0

  • SHA256

    6f687b099bad9c863c4d04aca48bb39d4848444d445207ef7b8fc3ef96bccd56

  • SHA512

    dcba2f3b4a9e6b16c441d04647b5da32d7c9f96f151fe0679e951a33a3bdded4e254e57b6fb6aa562666a6a1840f16aeeec4a68bb77d469c6d3465ea7e8a72be

  • SSDEEP

    3072:lsiXMounFfqqysPOEGpNFRsqHcvxusDFu3MJgQDhhUw6kjTWTXSIxIgWspCAZ4s:2i/uFZt3QR5MusZnJJDhhdvTyegWsPZx

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
