General

  • Target

    2024-09-26_28bb8a1888c57596699ea8b343179020_gandcrab

  • Size

    73KB

  • Sample

    240926-z8aq5s1fmb

  • MD5

    28bb8a1888c57596699ea8b343179020

  • SHA1

    4d1fcc1fc8f004d2f4d10703813f47069badafab

  • SHA256

    a64024c25fcc3dfcb9d0ac99e46733fa464c90a4f78d4f815a8be1089c15a361

  • SHA512

    aab3e58ffb0b82874f33b6f28ab9cfddd8a98abb3402b36774a3d0c84919fd2ecb3d92a94484b3bb250a85328e0acc6c9dcf213ce7d3ef48617857e3f9ab2d54

  • SSDEEP

    1536:n555555555555pmgSeGDjtQhnwmmB0yLyMqqU+2bbbAV2/S2mr3IdE8mne0Avu5G:oMSjOnrmBeMqqDL2/mr3IdE8we0Avu5h

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-09-26_28bb8a1888c57596699ea8b343179020_gandcrab

    • Size

      73KB

    • MD5

      28bb8a1888c57596699ea8b343179020

    • SHA1

      4d1fcc1fc8f004d2f4d10703813f47069badafab

    • SHA256

      a64024c25fcc3dfcb9d0ac99e46733fa464c90a4f78d4f815a8be1089c15a361

    • SHA512

      aab3e58ffb0b82874f33b6f28ab9cfddd8a98abb3402b36774a3d0c84919fd2ecb3d92a94484b3bb250a85328e0acc6c9dcf213ce7d3ef48617857e3f9ab2d54

    • SSDEEP

      1536:n555555555555pmgSeGDjtQhnwmmB0yLyMqqU+2bbbAV2/S2mr3IdE8mne0Avu5G:oMSjOnrmBeMqqDL2/mr3IdE8we0Avu5h

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks