General
Target
2024-07-25_18ee9f1e1f18868b8ed25bb431dc4c0a_gandcrab
Size
83KB
Sample
240725-x4y7tsshlf
MD5
18ee9f1e1f18868b8ed25bb431dc4c0a
SHA1
0e0e6278d5ec76bbb95a1e463b465b990a7ccbf5
SHA256
92bee702800feddb64e4fe120be0b25cac58975219b3e339641d37d3f2f10520
SHA512
50193cbeb5499f95f92bfc1024c6072c985f516af9130b320854d615945e42460035cfceec601b857f9b7f88cf7ff15fe67877d178476b318a67cec946529a20
SSDEEP
1536:O55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:EMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l
Behavioral task
behavioral1
Sample
2024-07-25_18ee9f1e1f18868b8ed25bb431dc4c0a_gandcrab.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-07-25_18ee9f1e1f18868b8ed25bb431dc4c0a_gandcrab.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
Target
2024-07-25_18ee9f1e1f18868b8ed25bb431dc4c0a_gandcrab
Score
6/10
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.