General
-
Target
9be15ab511f2392041675ba968616fcf82cdcbe458039b4f54b41824da8974f4.exe
-
Size
162KB
-
Sample
240726-fcva5axbmn
-
MD5
203dd75cbd98919e8364a12e810341af
-
SHA1
be6f560f2bc97d2905740249337b62d1d45dcd37
-
SHA256
9be15ab511f2392041675ba968616fcf82cdcbe458039b4f54b41824da8974f4
-
SHA512
fbf2ab05f12c7851bbfae23c77bf9fd8bca20030ca54d829ec93ce1ecf547aaf4f326cae5319d17622bb00a93bd43885cebcf7074123bb00e4f835a05def110c
-
SSDEEP
3072:3YHVHd2NCMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdCjRv9OtNMGCH:3yOqqDL64vdGREzR
Behavioral task
behavioral1
Sample
9be15ab511f2392041675ba968616fcf82cdcbe458039b4f54b41824da8974f4.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
9be15ab511f2392041675ba968616fcf82cdcbe458039b4f54b41824da8974f4.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
9be15ab511f2392041675ba968616fcf82cdcbe458039b4f54b41824da8974f4.exe
-
GandCrab payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.