Overview

overview

10

Static

static

10

2024-10-20...ab.exe

windows7-x64

6

2024-10-20...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-20_01132e3b04900ce1e0e64b3d44d39187_gandcrab

  • Size

    73KB

  • Sample

    241020-h7sf5awcmc

  • MD5

    01132e3b04900ce1e0e64b3d44d39187

  • SHA1

    8afae24f9ec6916341c4671a43f3f1c63e786a73

  • SHA256

    60f497051a64bb3d6c403ba81ea1e7571644732a1752c46302ad8f1ae077021d

  • SHA512

    608c4be98683f225e89501047b5199363c3a1f8e09edb369d40dcd862c00808ba3c7d3542ccbcae297812ae0a85166595ae855ca75171f980c3d61c2f6f796a8

  • SSDEEP

    1536:S555555555555pmgSeGDjtQhnwmmB0yZMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r8:DMSjOnrmBRMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-10-20_01132e3b04900ce1e0e64b3d44d39187_gandcrab

    • Size

      73KB

    • MD5

      01132e3b04900ce1e0e64b3d44d39187

    • SHA1

      8afae24f9ec6916341c4671a43f3f1c63e786a73

    • SHA256

      60f497051a64bb3d6c403ba81ea1e7571644732a1752c46302ad8f1ae077021d

    • SHA512

      608c4be98683f225e89501047b5199363c3a1f8e09edb369d40dcd862c00808ba3c7d3542ccbcae297812ae0a85166595ae855ca75171f980c3d61c2f6f796a8

    • SSDEEP

      1536:S555555555555pmgSeGDjtQhnwmmB0yZMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r8:DMSjOnrmBRMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks