General

  • Target

    2024-09-28_01371c43f6c28c2c88d40b1338a3ae71_gandcrab

  • Size

    83KB

  • Sample

    240928-ctjzyavane

  • MD5

    01371c43f6c28c2c88d40b1338a3ae71

  • SHA1

    e4b87bc6167eed4dceaaac0bb3b7f2f1af755243

  • SHA256

    37f7a12eae12148d19d041e570fc94cd4313eabc5caa25a736380eb4d2ff6316

  • SHA512

    7f090513f044307096d560e3b836072d8081740afb8472a95f8557ea9ede65069a33a8943968a2209a3aa7cad78b4f578e9bb238321fadcca97bf5645a28da41

  • SSDEEP

    1536:055u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:mMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

Malware Config

Extracted

  • Family

    gandcrab

  • C2

    http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-09-28_01371c43f6c28c2c88d40b1338a3ae71_gandcrab

    • Size

      83KB

    • MD5

      01371c43f6c28c2c88d40b1338a3ae71

    • SHA1

      e4b87bc6167eed4dceaaac0bb3b7f2f1af755243

    • SHA256

      37f7a12eae12148d19d041e570fc94cd4313eabc5caa25a736380eb4d2ff6316

    • SHA512

      7f090513f044307096d560e3b836072d8081740afb8472a95f8557ea9ede65069a33a8943968a2209a3aa7cad78b4f578e9bb238321fadcca97bf5645a28da41

    • SSDEEP

      1536:055u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:mMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks