General

  • Target

    2024-09-30_58d4d5bef4c53ed1b90af57df0a7c4e5_gandcrab

  • Size

    73KB

  • Sample

    240930-dzt8jawajn

  • MD5

    58d4d5bef4c53ed1b90af57df0a7c4e5

  • SHA1

    322dff998957ceac5d121cf0a1800f42bb132db8

  • SHA256

    eb442708ffe5d998143ed411cf1c0e8c73fc708b0743bcd4299d9c69e40888b0

  • SHA512

    b0289ecf660f64018823a0c6b38f83713d4fd1a9a43ad91ec4d97a5b3cd99960de041d14f1d0f764a410270fa7a6a0007c9e0ae165f304744296a2ee077123e1

  • SSDEEP

    1536:lgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:lMSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks