gandcrab | c8a91374305784fedaece231d4bad6b5674b5bab247981161022b018a4162c30 | Triage

Sharing

General

Target

202410029507849eaf57ae1d6dfc493b65e12ac1gandcrab
Size

70KB
Sample

241002-v1xtgsybkm
MD5

9507849eaf57ae1d6dfc493b65e12ac1
SHA1

c997c12febc020dfae6411dacf6d88061f9469d8
SHA256

c8a91374305784fedaece231d4bad6b5674b5bab247981161022b018a4162c30
SHA512

c7ec75be8e84a1dd8f7f2fbefca5e06122e592e33b31842499404c118beadf6b6778ecda9f4cf6913a6458557a0a365e243e28d87370d4a4772d837a78f2c5a5
SSDEEP

1536:eZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:9d5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  202410029507849eaf57ae1d6dfc493b65e12ac1gandcrab
- Size
  
  70KB
- MD5
  
  9507849eaf57ae1d6dfc493b65e12ac1
- SHA1
  
  c997c12febc020dfae6411dacf6d88061f9469d8
- SHA256
  
  c8a91374305784fedaece231d4bad6b5674b5bab247981161022b018a4162c30
- SHA512
  
  c7ec75be8e84a1dd8f7f2fbefca5e06122e592e33b31842499404c118beadf6b6778ecda9f4cf6913a6458557a0a365e243e28d87370d4a4772d837a78f2c5a5
- SSDEEP
  
  1536:eZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:9d5BJHMqqDL2/Ovvdr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence