General

  • Target

    2024-09-27_51dd9ae080fb27dd80f42787441c05c2_gandcrab

  • Size

    73KB

  • Sample

    240927-txecastelc

  • MD5

    51dd9ae080fb27dd80f42787441c05c2

  • SHA1

    b5fa8dd05834992cf4946d8c9b7366e6e95d603e

  • SHA256

    4b15a6a226aa8300e21c9bfeaef7e6033f47e91efefe2cae6c34546cf0bd03d4

  • SHA512

    d36c060cf2d4ec616142060c06593c7e9d8782f5f049561b2ac75e32575c0798791967dda58139070c4170cc46bf191121ad07266a661a781fbdad005556263e

  • SSDEEP

    1536:a555555555555pmgSeGDjtQhnwmmB0yZMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r8:rMSjOnrmBRMqqDL2/mr3IdE8we0Avu5h
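To sweep a host or a share for this sample, the file hashes above are the most reliable indicator, since the .onion.top C2 and the sandbox target name can change between builds. The following is an added example, not part of the sandbox report: it hashes each file once in chunks (so large files are not read three times), compares the digests case-insensitively against the MD5, SHA1 and SHA256 listed in the General section, and reports which algorithms matched. The `hash_bytes` helper and the directory layout are assumptions for illustration.

```python
"""Sweep files against the hashes listed for this GandCrab sample (added example)."""
import hashlib
import io
from pathlib import Path

# Digests copied from the report's General section.
SAMPLE_IOCS = {
    "md5": "51dd9ae080fb27dd80f42787441c05c2",
    "sha1": "b5fa8dd05834992cf4946d8c9b7366e6e95d603e",
    "sha256": "4b15a6a226aa8300e21c9bfeaef7e6033f47e91efefe2cae6c34546cf0bd03d4",
}

DEFAULT_ALGORITHMS = ("md5", "sha1", "sha256")


def hash_stream(stream, algorithms=DEFAULT_ALGORITHMS, chunk_size=1 << 20):
    """Compute several digests over one pass of a binary stream."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data, algorithms=DEFAULT_ALGORITHMS):
    """Convenience wrapper (assumed helper) for in-memory data."""
    return hash_stream(io.BytesIO(data), algorithms)


def hash_file(path, algorithms=DEFAULT_ALGORITHMS):
    with open(path, "rb") as fh:
        return hash_stream(fh, algorithms)


def match_iocs(hashes, iocs=SAMPLE_IOCS):
    """Return the sorted algorithm names whose digest equals the IOC value.

    Comparison is case-insensitive because threat feeds mix upper and lower
    case hex; any single matching algorithm is enough to flag the file.
    """
    return sorted(
        name for name, digest in hashes.items()
        if name in iocs and digest.lower() == iocs[name].lower()
    )


def sweep(directory, iocs=SAMPLE_IOCS):
    """Walk a directory tree and return (path, matched_algorithms) for each hit."""
    hits = []
    for path in sorted(Path(directory).rglob("*")):
        if not path.is_file():
            continue
        matched = match_iocs(hash_file(path, tuple(iocs)), iocs)
        if matched:
            hits.append((str(path), matched))
    return hits


if __name__ == "__main__":
    import sys
    for hit_path, algos in sweep(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"MATCH {hit_path} ({', '.join(algos)})")
```

Run it as `python sweep.py <directory>`; a hit on any of the three digests is a positive, and a hit on only one of them (for example MD5 alone) should be treated as a collision candidate and confirmed against SHA256 before acting on it.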

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-09-27_51dd9ae080fb27dd80f42787441c05c2_gandcrab


    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
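The Run key behaviour is the one most easily caught from telemetry: Sysmon Event ID 13 (RegistryEvent, value set) records the writing process and the target value, and a write under `...\CurrentVersion\Run` or `RunOnce` whose image or target executable lives in a user-writable directory (AppData, Temp, ProgramData) is the pattern a ransomware dropper leaves. The following detection is an added example, not output of the sandbox or part of this report; the four Sysmon events are constructed for illustration, with the Sysmon XML namespace stripped, and the file name `wrdxvh.exe` and the SID are invented. The drive enumeration behaviour is not covered, since reading drive roots does not produce a distinguishing log event.

```python
"""Flag Run-key persistence in Sysmon registry events (added example)."""
import re
import xml.etree.ElementTree as ET

# Constructed Sysmon events, namespace stripped for readability.
SYSMON_XML = r"""<Events>
  <Event>
    <System><EventID>13</EventID></System>
    <EventData>
      <Data Name="EventType">SetValue</Data>
      <Data Name="Image">C:\Users\victim\AppData\Roaming\Microsoft\wrdxvh.exe</Data>
      <Data Name="TargetObject">HKU\S-1-5-21-1-2-3-1001\Software\Microsoft\Windows\CurrentVersion\Run\wrdxvh</Data>
      <Data Name="Details">C:\Users\victim\AppData\Roaming\Microsoft\wrdxvh.exe</Data>
    </EventData>
  </Event>
  <Event>
    <System><EventID>13</EventID></System>
    <EventData>
      <Data Name="EventType">SetValue</Data>
      <Data Name="Image">C:\Windows\System32\msiexec.exe</Data>
      <Data Name="TargetObject">HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorUpdater</Data>
      <Data Name="Details">C:\Program Files\Vendor\updater.exe</Data>
    </EventData>
  </Event>
  <Event>
    <System><EventID>13</EventID></System>
    <EventData>
      <Data Name="EventType">SetValue</Data>
      <Data Name="Image">C:\Windows\explorer.exe</Data>
      <Data Name="TargetObject">HKU\S-1-5-21-1-2-3-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden</Data>
      <Data Name="Details">DWORD (0x00000001)</Data>
    </EventData>
  </Event>
  <Event>
    <System><EventID>1</EventID></System>
    <EventData>
      <Data Name="Image">C:\Users\victim\AppData\Roaming\Microsoft\wrdxvh.exe</Data>
    </EventData>
  </Event>
</Events>"""

# Value set directly under a Run/RunOnce key (HKLM or HKU, any architecture view).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE)
# Locations an unprivileged user can write to; a Run entry pointing here is suspicious.
USER_WRITABLE_RE = re.compile(
    r"\\(AppData|Temp|ProgramData|Users\\Public|Downloads)\\", re.IGNORECASE)


def parse_sysmon_events(xml_text):
    """Return a list of (event_id, {field: value}) from a Sysmon XML export."""
    root = ET.fromstring(xml_text)
    events = []
    for ev in root.iter("Event"):
        event_id = int(ev.findtext("System/EventID"))
        data = {d.get("Name"): (d.text or "") for d in ev.find("EventData")}
        events.append((event_id, data))
    return events


def detect_run_key_persistence(events):
    """Return one alert per Run/RunOnce value written; severity is 'high' when the
    writing process or the registered executable lives in a user-writable path."""
    alerts = []
    for event_id, data in events:
        if event_id != 13 or data.get("EventType") != "SetValue":
            continue
        target = data.get("TargetObject", "")
        if not RUN_KEY_RE.search(target):
            continue
        image = data.get("Image", "")
        details = data.get("Details", "")
        suspicious = USER_WRITABLE_RE.search(image) or USER_WRITABLE_RE.search(details)
        alerts.append({
            "image": image,
            "target": target,
            "value": details,
            "severity": "high" if suspicious else "low",
        })
    return alerts


if __name__ == "__main__":
    for alert in detect_run_key_persistence(parse_sysmon_events(SYSMON_XML)):
        print(f"[{alert['severity']}] {alert['image']} wrote {alert['target']} = {alert['value']}")
```

The low-severity path is kept deliberately: an installer writing a Run value under HKLM is routine, so suppressing it at rule level would also hide a trojanised installer; triage on the severity field instead of dropping the event.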
