General

  • Target

    2024-10-20_59a70aae5cb9109e7bfcdcb9d0cc034d_gandcrab

  • Size

    97KB

  • Sample

    241020-d8zvdaygkn

  • MD5

    59a70aae5cb9109e7bfcdcb9d0cc034d

  • SHA1

    aeb0f8750667cf30c21930e98a96983514156394

  • SHA256

    07961b3aa159acbde69a3ddf29ba79e3cfd5abddcd7666fbecf644669bb30fc9

  • SHA512

    3acf57a89f72b9155b667bd09dc8105fe2c8a9594a4af1d207b18bb28ac0aa43b7dcfbda94e80e528a16c8aed6546b724e2719dc18cff8d1bedd706f47eed71b

  • SSDEEP

    1536:FZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAlMqqU+2bbbAV2/S2LNmHkf:ZBounVyFHkMqqDL2/LgHkctc

Targets

    • Target

      2024-10-20_59a70aae5cb9109e7bfcdcb9d0cc034d_gandcrab

    • GandCrab payload

    • Gandcrab

      GandCrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
