General

  • Target

    2024-09-29_63200f94b1818aa4bd186fea1426c10f_gandcrab

  • Size

    73KB

  • Sample

    240929-mflayszenp

  • MD5

    63200f94b1818aa4bd186fea1426c10f

  • SHA1

    c53a2e8644530e30980cc5df59776754e441cf67

  • SHA256

    abdd3b790ee1c77cc489646f83bee8ace10d476a02d267729c7e719b46d71b4a

  • SHA512

    ed1bec1a43dd0e8c26a652ae7982b25fe9b3cf68a125bb1cd35447c2d8c8dcf7a2e69be04a794c46a925ba40104f75c889de100b45158375006e53979160ffc5

  • SSDEEP

    1536:d555555555555pmgSeGDjtQhnwmmB0yXMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rK:aMSjOnrmBPMqqDL2/mr3IdE8we0Avu5h

Malware Config

Extracted

  • Family

    gandcrab

  • C2

    http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15