General

  • Target

    2024-09-27_7e56fda13194a9ff7f8e03377314ac8f_gandcrab

  • Size

    97KB

  • Sample

    240927-h8lpza1flm

  • MD5

    7e56fda13194a9ff7f8e03377314ac8f

  • SHA1

    61dac2b19ab19a421755aa5bab9440acb46bf435

  • SHA256

    5c9ee29f9ff0a4a7b8be4014beebd7b3d8d60d033e5cacc570c83b48652dcf75

  • SHA512

    6b4c4628aeb89985e798456c4dee3cf9564cf96c541bce5651e8d7843ac8fb1c3b55fcbcc008d428c69b5f54697d5f9b377f8bac4accee5b57a470b30814ca52

  • SSDEEP

    1536:IZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:GBounVyFHFMqqDL2/LgHkc2

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
