gandcrab | 5704bdcfc66c049916388ef3514ca13cccaec19a9d143a7ea73a48e670ca1120 | Triage

Sharing

General

Target

2024-10-14_3abb201a8d2450f78e9720d50143cb31_gandcrab
Size

70KB
Sample

241014-cxw4nswdrd
MD5

3abb201a8d2450f78e9720d50143cb31
SHA1

58d73e8e316718bc54063b633fb981495994e9a9
SHA256

5704bdcfc66c049916388ef3514ca13cccaec19a9d143a7ea73a48e670ca1120
SHA512

884391984a8c488eb71715436e644fd9bcf043d448cccdcaf90a74b456c626197aac9f40bbeafd35d28687977a07914beb8ab3c3c9f00e6cfaba1360d09c8a5d
SSDEEP

1536:dZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:cd5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2024-10-14_3abb201a8d2450f78e9720d50143cb31_gandcrab
- Size
  
  70KB
- MD5
  
  3abb201a8d2450f78e9720d50143cb31
- SHA1
  
  58d73e8e316718bc54063b633fb981495994e9a9
- SHA256
  
  5704bdcfc66c049916388ef3514ca13cccaec19a9d143a7ea73a48e670ca1120
- SHA512
  
  884391984a8c488eb71715436e644fd9bcf043d448cccdcaf90a74b456c626197aac9f40bbeafd35d28687977a07914beb8ab3c3c9f00e6cfaba1360d09c8a5d
- SSDEEP
  
  1536:dZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:cd5BJHMqqDL2/Ovvdr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence