General

  • Target

    2024-09-30_7ec6f2a91e6a3b16d39d98ff3def2fa5_gandcrab

  • Size

    76KB

  • Sample

    240930-cye7jsxeme

  • MD5

    7ec6f2a91e6a3b16d39d98ff3def2fa5

  • SHA1

    6c50e7c8878b954e577a6b81f7c005c6fa4589b0

  • SHA256

    3addd287703a83068ec0fd338bffbec690107542dd5d441d5ad654285e0e3c0e

  • SHA512

    5d2ca0661fcc7482d241bb6657fbe93b127219edb5677899b6503d1cd5a1d939f310ba4b8f64cd4d636f7f8ce3d738d34560ec22d9e3164de89f94abe57f77d2

  • SSDEEP

    1536:D55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r9:fMSjOnrmBTMqqDL2/mr3IdE8we0Avu5J

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-09-30_7ec6f2a91e6a3b16d39d98ff3def2fa5_gandcrab

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
