Overview

overview

10

Static

static

10

2024-11-01...ab.exe

windows7-x64

6

2024-11-01...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-01_0c25605439e0945c4aa7681f073c445c_gandcrab

  • Size

    73KB

  • Sample

    241101-h8lpzayckb

  • MD5

    0c25605439e0945c4aa7681f073c445c

  • SHA1

    309615d8776de631b55330104008afba98df02d0

  • SHA256

    473731ec193c17bfb350daad5391f6882f0714e664c88e1dd34510dd0b371a78

  • SHA512

    a7aec6fa97140c0aebed6864e10f09cbce7e434ead7dd39f92a9d36a9fe845315057b9453146eddf2efb06c025b699357b6d626bff79ad7cf2db00b72c2a2be5

  • SSDEEP

    1536:s55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:OMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-11-01_0c25605439e0945c4aa7681f073c445c_gandcrab

    • Size

      73KB

    • MD5

      0c25605439e0945c4aa7681f073c445c

    • SHA1

      309615d8776de631b55330104008afba98df02d0

    • SHA256

      473731ec193c17bfb350daad5391f6882f0714e664c88e1dd34510dd0b371a78

    • SHA512

      a7aec6fa97140c0aebed6864e10f09cbce7e434ead7dd39f92a9d36a9fe845315057b9453146eddf2efb06c025b699357b6d626bff79ad7cf2db00b72c2a2be5

    • SSDEEP

      1536:s55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:OMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks