Overview

overview

10

Static

static

10

2024-10-26...ab.exe

windows7-x64

6

2024-10-26...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-10-26_5754139cfc25e7fbd1a405f7f5d0af8e_gandcrab

  • Size

    73KB

  • Sample

    241026-x46lxaxgqf

  • MD5

    5754139cfc25e7fbd1a405f7f5d0af8e

  • SHA1

    aafc0aba742bcb6f616783987ce6e2b920bc1238

  • SHA256

    68117b87aeafde3a287e4799040b08b6ae1e3d31f3b013feabb82ee48018ab62

  • SHA512

    3c58222547552042e518e7667f075c935b12221fe8558e249ae68fd21ea15eb88206263af8d73cf720bcbffa313d35627e07b262d7de1caf579a5d6551c1a7b8

  • SSDEEP

    1536:255u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:8MSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-10-26_5754139cfc25e7fbd1a405f7f5d0af8e_gandcrab

    • Size

      73KB

    • MD5

      5754139cfc25e7fbd1a405f7f5d0af8e

    • SHA1

      aafc0aba742bcb6f616783987ce6e2b920bc1238

    • SHA256

      68117b87aeafde3a287e4799040b08b6ae1e3d31f3b013feabb82ee48018ab62

    • SHA512

      3c58222547552042e518e7667f075c935b12221fe8558e249ae68fd21ea15eb88206263af8d73cf720bcbffa313d35627e07b262d7de1caf579a5d6551c1a7b8

    • SSDEEP

      1536:255u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:8MSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks