Overview

overview

10

Static

static

10

2024-11-03...ab.exe

windows7-x64

6

2024-11-03...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-03_53b14df5b13a2e6e309e084081d88629_gandcrab

  • Size

    76KB

  • Sample

    241103-gah1rawfkg

  • MD5

    53b14df5b13a2e6e309e084081d88629

  • SHA1

    e1761071c888735842ba458ed03c0397f4122885

  • SHA256

    7f2ac4e307b5bddeb092dd6d43854a80d0071b53ea9bae19cb4c67ce150c445b

  • SHA512

    fb803fec0c531ab61e64554cca9a46ecb797f3ce910a2dd5ea628da235b846dd741e0b2b882b151f23b34dd3e787e9fbe63b0b63f13fae960199aa904c3cef38

  • SSDEEP

    1536:H55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:jMSjOnrmBTMqqDL2/mr3IdE8we0Avu5V

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-11-03_53b14df5b13a2e6e309e084081d88629_gandcrab

    • Size

      76KB

    • MD5

      53b14df5b13a2e6e309e084081d88629

    • SHA1

      e1761071c888735842ba458ed03c0397f4122885

    • SHA256

      7f2ac4e307b5bddeb092dd6d43854a80d0071b53ea9bae19cb4c67ce150c445b

    • SHA512

      fb803fec0c531ab61e64554cca9a46ecb797f3ce910a2dd5ea628da235b846dd741e0b2b882b151f23b34dd3e787e9fbe63b0b63f13fae960199aa904c3cef38

    • SSDEEP

      1536:H55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:jMSjOnrmBTMqqDL2/mr3IdE8we0Avu5V

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks