Overview

overview

10

Static

static

10

2024-10-25...ab.exe

windows7-x64

10

2024-10-25...ab.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-25_b3d3a3b2e4fcf475811f086d96ec556a_gandcrab

  • Size

    70KB

  • Sample

    241025-qwed5a1eql

  • MD5

    b3d3a3b2e4fcf475811f086d96ec556a

  • SHA1

    7f885b0e631b11d49661b7d745e3732bc7cefcac

  • SHA256

    903d0fdba849fe99293dd9aeb29a00941b0ef8bceca5868aa17078fc08ab710f

  • SHA512

    683acea2971de7ba00f441346264c8312bc58067e1e97f3faf211c3289067440d78f8ca29f14201d6dc76b3ecfb50f3a2acf1784fdf2062661cf4a60c5ad163a

  • SSDEEP

    1536:9zzzzzzzzV9rXounV98hbHnAXMqqUM2Lkvd6:DBounVyFHCMqqMLkvd

Score
10/10
gandcrabbackdoordiscoverypersistenceransomware

Malware Config

Targets

    • Target

      2024-10-25_b3d3a3b2e4fcf475811f086d96ec556a_gandcrab

    • Size

      70KB

    • MD5

      b3d3a3b2e4fcf475811f086d96ec556a

    • SHA1

      7f885b0e631b11d49661b7d745e3732bc7cefcac

    • SHA256

      903d0fdba849fe99293dd9aeb29a00941b0ef8bceca5868aa17078fc08ab710f

    • SHA512

      683acea2971de7ba00f441346264c8312bc58067e1e97f3faf211c3289067440d78f8ca29f14201d6dc76b3ecfb50f3a2acf1784fdf2062661cf4a60c5ad163a

    • SSDEEP

      1536:9zzzzzzzzV9rXounV98hbHnAXMqqUM2Lkvd6:DBounVyFHCMqqMLkvd

    Score
    10/10
    gandcrabbackdoordiscoverypersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Gandcrab family

      gandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks