Overview

overview

10

Static

static

10

2024-10-20...ab.exe

windows7-x64

6

2024-10-20...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-20_0f534568b0a55a484c6a93f182d1a7e4_gandcrab

  • Size

    73KB

  • Sample

    241020-e2g7esyfpf

  • MD5

    0f534568b0a55a484c6a93f182d1a7e4

  • SHA1

    3db2e8cc82042de5617dfe7f099c17926abe0ef7

  • SHA256

    3240ff7ade60243788177fc958739aa7a51e8d6a9abf17da15b066759bc224fb

  • SHA512

    dea6f8803f462eaa89fc57747505e9ae404197d003786e0eb9bd0e6c1ad83bf3acdb811ea3b8cf28d5fe6bee7c0a31ee737f0884991a7f92e8c9efd8e5d0ed3c

  • SSDEEP

    1536:555u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:RMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-10-20_0f534568b0a55a484c6a93f182d1a7e4_gandcrab

    • Size

      73KB

    • MD5

      0f534568b0a55a484c6a93f182d1a7e4

    • SHA1

      3db2e8cc82042de5617dfe7f099c17926abe0ef7

    • SHA256

      3240ff7ade60243788177fc958739aa7a51e8d6a9abf17da15b066759bc224fb

    • SHA512

      dea6f8803f462eaa89fc57747505e9ae404197d003786e0eb9bd0e6c1ad83bf3acdb811ea3b8cf28d5fe6bee7c0a31ee737f0884991a7f92e8c9efd8e5d0ed3c

    • SSDEEP

      1536:555u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:RMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks