General

  • Target

    202409297dc3616f73427fa9749465e5217aa156gandcrab

  • Size

    73KB

  • Sample

    240929-smedwayhkk

  • MD5

    7dc3616f73427fa9749465e5217aa156

  • SHA1

    77053ff4c536ec519151e4e1d9a2fd4e8322ba70

  • SHA256

    6bff351853cfba8ad1f9b4e6d35541fcf83fe807563f9488abe495ebba7478ab

  • SHA512

    6725e3ab0361d120c28acfec74d0750518da2509e991a3751e4b7da0a10834024e5dcf852292b6e0b12f076bc43f876f0b1dfa6faeb70810187f76db480e4747

  • SSDEEP

    1536:6gSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:6MSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
