General

  • Target

    2024-09-29_0f16c86724d03677c69a4f216f75227e_gandcrab

  • Size

    73KB

  • Sample

    240929-w2zvxaydqa

  • MD5

    0f16c86724d03677c69a4f216f75227e

  • SHA1

    71374f611c620897cbc164997b49c7eada1dc521

  • SHA256

    cb2ddf22415282729ceecf878803dbf7f98deda3809503e3849a150869a2605a

  • SHA512

    e123d74f3e2910147732ca7df057a3968531a0c84fcf6d565a9ce7304356e41350ecc06a280a4d7783d93d11411923a29f489599a8532ff7408051dc7856ea1c

  • SSDEEP

    1536:ZgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:ZMSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-09-29_0f16c86724d03677c69a4f216f75227e_gandcrab

    • Size

      73KB

    • MD5

      0f16c86724d03677c69a4f216f75227e

    • SHA1

      71374f611c620897cbc164997b49c7eada1dc521

    • SHA256

      cb2ddf22415282729ceecf878803dbf7f98deda3809503e3849a150869a2605a

    • SHA512

      e123d74f3e2910147732ca7df057a3968531a0c84fcf6d565a9ce7304356e41350ecc06a280a4d7783d93d11411923a29f489599a8532ff7408051dc7856ea1c

    • SSDEEP

      1536:ZgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:ZMSjOnrmBbMqqMmr3IdE8we0Avu5r++N

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks