Overview

overview

10

Static

static

10

2024-10-09...ab.exe

windows7-x64

6

2024-10-09...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-09_c7814cf2e1c4f281654ea49de03a8e3b_gandcrab

  • Size

    73KB

  • Sample

    241009-3l481sxaql

  • MD5

    c7814cf2e1c4f281654ea49de03a8e3b

  • SHA1

    818c48ef76630209e12d7e0e47f9458caa1509fb

  • SHA256

    f3c5921f4e70bc94aef271654d814111b053e70c783278bc7ed6ad655e1d1c3d

  • SHA512

    8fd54f532c9bd4292a3a87f76e240f0a5b9d495c342d969df14dd8267b76ded88d8f1200358107a60946b183825bc4c52c1de3605babc53512b1a548b2ddd5f4

  • SSDEEP

    1536:S555555555555pmgSeGDjtQhnwmmB0yxMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rZ:DMSjOnrmBZMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-10-09_c7814cf2e1c4f281654ea49de03a8e3b_gandcrab

    • Size

      73KB

    • MD5

      c7814cf2e1c4f281654ea49de03a8e3b

    • SHA1

      818c48ef76630209e12d7e0e47f9458caa1509fb

    • SHA256

      f3c5921f4e70bc94aef271654d814111b053e70c783278bc7ed6ad655e1d1c3d

    • SHA512

      8fd54f532c9bd4292a3a87f76e240f0a5b9d495c342d969df14dd8267b76ded88d8f1200358107a60946b183825bc4c52c1de3605babc53512b1a548b2ddd5f4

    • SSDEEP

      1536:S555555555555pmgSeGDjtQhnwmmB0yxMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rZ:DMSjOnrmBZMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks