General

  • Target

    2024-10-29_b6c65b979e962e09582be2adc8c28f49_gandcrab

  • Size

    73KB

  • Sample

    241029-fddd1atjem

  • MD5

    b6c65b979e962e09582be2adc8c28f49

  • SHA1

    bbe4939d3ddaf094e9ddc3265607cdd5ac7fb829

  • SHA256

    1c4cc8851e6a2f1b481ae98ddc36f5c435d96cb32862d98a9d9c2df4b8947ddb

  • SHA512

    40d3b8b81a22f0ef0127007a0b3273ced3d874d8f4aa292a15b6fea3bd9f7c86883eac932940e3bba185b2a4f847aecad64cd3e76ad8eb8ae36e27b19a19ac78

  • SSDEEP

    1536:p55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:hMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-10-29_b6c65b979e962e09582be2adc8c28f49_gandcrab

    • Size

      73KB

    • MD5

      b6c65b979e962e09582be2adc8c28f49

    • SHA1

      bbe4939d3ddaf094e9ddc3265607cdd5ac7fb829

    • SHA256

      1c4cc8851e6a2f1b481ae98ddc36f5c435d96cb32862d98a9d9c2df4b8947ddb

    • SHA512

      40d3b8b81a22f0ef0127007a0b3273ced3d874d8f4aa292a15b6fea3bd9f7c86883eac932940e3bba185b2a4f847aecad64cd3e76ad8eb8ae36e27b19a19ac78

    • SSDEEP

      1536:p55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:hMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks