General

  • Target

    2024-09-30_626afda132b9d49c7f1c040ca21f1899_gandcrab

  • Size

    73KB

  • Sample

    240930-cxf3fstapm

  • MD5

    626afda132b9d49c7f1c040ca21f1899

  • SHA1

    34827ad5d5835f64b7ce75ea6dd3773f89031cec

  • SHA256

    36aba8483cbcbbb1ba1799be687186068ecb1bd672fa5bbba07a297db5ca52d9

  • SHA512

    486d47b97e2cd4d876a2e507925a42e43f0e9f81383f8e9fdc9d5c60bd48b7c9ac60226b4818f23df7c636a4fc551804de5fdd7bbc6fe85a9627186bd33b5014

  • SSDEEP

    1536:A55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:yMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-09-30_626afda132b9d49c7f1c040ca21f1899_gandcrab

    • Size

      73KB

    • MD5

      626afda132b9d49c7f1c040ca21f1899

    • SHA1

      34827ad5d5835f64b7ce75ea6dd3773f89031cec

    • SHA256

      36aba8483cbcbbb1ba1799be687186068ecb1bd672fa5bbba07a297db5ca52d9

    • SHA512

      486d47b97e2cd4d876a2e507925a42e43f0e9f81383f8e9fdc9d5c60bd48b7c9ac60226b4818f23df7c636a4fc551804de5fdd7bbc6fe85a9627186bd33b5014

    • SSDEEP

      1536:A55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:yMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks