General

  • Target

    2024-09-27_c2fa6e826183f4756c5508c7763ed017_gandcrab

  • Size

    73KB

  • Sample

    240927-tzrqeatfnc

  • MD5

    c2fa6e826183f4756c5508c7763ed017

  • SHA1

    5a35f7b560fc92d1312e8aa337eedc667201f081

  • SHA256

    5fc2b77925e490df51eb8a259437de8d4e7e2b2be7b5892795ee605b3a817fa5

  • SHA512

    1be85e7112050a40035b52d1bcbecc712992cedecf0a7542c68582ea66750749f8f316f230ce6363f79b8149caf56fcba469daa5ae3313fe572f15735763bf83

  • SSDEEP

    1536:AgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:AMSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

The .onion.top suffix is a Tor2web gateway, not a native Tor address: the sample reaches the hidden service over ordinary DNS and HTTP through the gateway rather than through a local Tor client. The gateway hostname is therefore visible in resolver and proxy logs and can be sinkholed or blocked there.

Targets

    • Target

      2024-09-27_c2fa6e826183f4756c5508c7763ed017_gandcrab

    • Adds Run key to start application

      Writes a value under ...\Software\Microsoft\Windows\CurrentVersion\Run so that the binary is launched again at the next logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
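The two behaviour signatures above can be checked for on a host from telemetry rather than only in the sandbox. The following is an added example, not part of the sandbox report or of any vendor's detection content: it runs two small detectors over constructed events, one modelled on Sysmon Event ID 13 (RegistryEvent, Value Set) for the Run-key write, and one modelled on Procmon-style file-system rows for reads of drive roots other than C:. The field names, process names, paths and SID are all made up for the illustration.

```python
"""Detection for the two report behaviours: Run-key autostart and non-C: drive-root reads.

Added example. The events below are constructed to resemble Sysmon EID 13 and
Procmon output; they are not taken from the sandbox run described in the report.
"""
import re
from collections import defaultdict

# Run/RunOnce under any hive (HKLM, HKCU, HKU\<SID>), matched at the end of TargetObject.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$",
    re.IGNORECASE,
)
# Directories an unprivileged user can write to; a Run value launching from here
# is far more suspicious than one pointing into Program Files or System32.
USER_WRITABLE_RE = re.compile(
    r"\\(AppData|Temp|ProgramData|Users\\Public|Desktop|Downloads)\\", re.IGNORECASE
)
# A bare drive root such as "D:\" (what the report calls "the root path of hard drives").
DRIVE_ROOT_RE = re.compile(r"^([A-Za-z]):\\$")

# Constructed Sysmon-like registry events (EventID 13 = value set).
REGISTRY_EVENTS = [
    {"EventID": 13, "Image": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe",
     "TargetObject": "HKU\\S-1-5-21-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\sample",
     "Details": "C:\\Users\\Admin\\AppData\\Local\\Temp\\sample.exe"},
    {"EventID": 13, "Image": "C:\\Windows\\System32\\svchost.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SecurityHealth",
     "Details": "C:\\Windows\\System32\\SecurityHealthSystray.exe"},
    {"EventID": 13, "Image": "C:\\Program Files\\Vendor\\app.exe",
     "TargetObject": "HKCU\\Software\\Vendor\\App\\LastRun", "Details": "2024-09-27"},
]

# Constructed Procmon-like file-system rows.
FILE_EVENTS = [
    {"Process": "sample.exe", "PID": 4120, "Operation": "QueryDirectory", "Path": "D:\\"},
    {"Process": "sample.exe", "PID": 4120, "Operation": "QueryDirectory", "Path": "E:\\"},
    {"Process": "sample.exe", "PID": 4120, "Operation": "QueryDirectory", "Path": "C:\\Users\\Admin\\Documents"},
    {"Process": "explorer.exe", "PID": 1100, "Operation": "CreateFile", "Path": "C:\\Users\\Admin\\Desktop"},
]


def find_run_key_persistence(events):
    """Return one finding per Run/RunOnce value written in Sysmon EID 13 events.

    Severity is 'high' when the value launches a binary from a user-writable
    directory or points back at the writing process itself, 'info' otherwise
    (legitimate software also uses Run keys, so the key alone is not enough).
    """
    findings = []
    for ev in events:
        if ev.get("EventID") != 13:
            continue
        m = RUN_KEY_RE.search(ev["TargetObject"])
        if not m:
            continue
        details = ev.get("Details", "")
        self_persist = details.strip('"').lower() == ev.get("Image", "").lower()
        severity = "high" if (self_persist or USER_WRITABLE_RE.search(details)) else "info"
        findings.append({
            "severity": severity,
            "key": m.group(1),
            "value_name": ev["TargetObject"].rsplit("\\", 1)[-1],
            "writer": ev.get("Image"),
            "command": details,
        })
    return findings


def find_drive_enumeration(events, ignore=("C",)):
    """Group file-system rows by process and report any process that touched the
    root of a drive outside `ignore`, with the sorted set of drive letters seen."""
    roots = defaultdict(set)
    for ev in events:
        m = DRIVE_ROOT_RE.match(ev["Path"])
        if m and m.group(1).upper() not in ignore:
            roots[(ev["Process"], ev["PID"])].add(m.group(1).upper())
    return [
        {"process": proc, "pid": pid, "drives": sorted(letters)}
        for (proc, pid), letters in sorted(roots.items())
    ]


if __name__ == "__main__":
    for f in find_run_key_persistence(REGISTRY_EVENTS):
        print("run-key", f)
    for f in find_drive_enumeration(FILE_EVENTS):
        print("drive-enum", f)
```

Against the constructed input the Run-key detector reports the Temp-resident sample as high severity and the System32 tray entry as informational, and the drive detector attributes root reads of D: and E: to the single sample process. In a real deployment the second detector would be fed from a driver or EDR that records directory queries, since Sysmon itself does not log file reads.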

MITRE ATT&CK Enterprise v15

    • Persistence: Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (T1547.001)

    • Discovery: Peripheral Device Discovery (T1120)