Overview

overview

10

Static

static

3

2024-10-08...ny.exe

windows7-x64

10

2024-10-08...ny.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-08_70344f7cc7e13480939c6f23225f2a1b_bkransomware_karagany

  • Size

    143KB

  • Sample

    241008-pcrpnssbnc

  • MD5

    70344f7cc7e13480939c6f23225f2a1b

  • SHA1

    54a5f1d7657ed5a1c741baf750da0d75d751c54e

  • SHA256

    3f3378a950104f0a898011cbb25c21d01474e095089dc942f0086be250ce545f

  • SHA512

    4bee6947018a5f2b307e843af0dfb1d7183be9a4e1fa5d66c623c95626b9094f2368e902410b25e062bbd6d31464c8f9f2cf8fbe04989fa0e5ae861694ae5655

  • SSDEEP

    3072:G+HcL2dCfIfPQ+kS62FxyjEoZ/+5l7Vjp9:LVfvkSjx4EQ/+Np9

Score
10/10
gandcrabbackdoordiscoverypersistenceransomware

Malware Config

Targets

    • Target

      2024-10-08_70344f7cc7e13480939c6f23225f2a1b_bkransomware_karagany

    • Size

      143KB

    • MD5

      70344f7cc7e13480939c6f23225f2a1b

    • SHA1

      54a5f1d7657ed5a1c741baf750da0d75d751c54e

    • SHA256

      3f3378a950104f0a898011cbb25c21d01474e095089dc942f0086be250ce545f

    • SHA512

      4bee6947018a5f2b307e843af0dfb1d7183be9a4e1fa5d66c623c95626b9094f2368e902410b25e062bbd6d31464c8f9f2cf8fbe04989fa0e5ae861694ae5655

    • SSDEEP

      3072:G+HcL2dCfIfPQ+kS62FxyjEoZ/+5l7Vjp9:LVfvkSjx4EQ/+Np9

    Score
    10/10
    gandcrabbackdoordiscoverypersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks