Overview

overview

10

Static

static

3

2024-11-06...er.exe

windows7-x64

10

2024-11-06...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-06_2e0ddc32e8327153008b8b6ad6a263f3_magniber

  • Size

    277KB

  • Sample

    241106-rtd61ssdmq

  • MD5

    2e0ddc32e8327153008b8b6ad6a263f3

  • SHA1

    615a38357a09b0aed119faf4a920775b2a0c372c

  • SHA256

    f43a11d0ab8bc5ec5b1a75ae902a6a58485fba6b69e9ef376a53575b6e2e2782

  • SHA512

    70bb558131ddf200e064580da39c84fe65c2d982dc17b706733c4eecff542431000af2c8168cfe21c4c9760efc36ebd7d32650667ae469e5e84a25d6c29d071b

  • SSDEEP

    6144:X3nHPDm0jLAu6Y5jEw564aoJxmhuw1AFkHK/:nvbjf6YNFehQwo

Score
10/10
gandcrabbackdoordiscoverypersistenceransomware

Malware Config

Targets

    • Target

      2024-11-06_2e0ddc32e8327153008b8b6ad6a263f3_magniber

    • Size

      277KB

    • MD5

      2e0ddc32e8327153008b8b6ad6a263f3

    • SHA1

      615a38357a09b0aed119faf4a920775b2a0c372c

    • SHA256

      f43a11d0ab8bc5ec5b1a75ae902a6a58485fba6b69e9ef376a53575b6e2e2782

    • SHA512

      70bb558131ddf200e064580da39c84fe65c2d982dc17b706733c4eecff542431000af2c8168cfe21c4c9760efc36ebd7d32650667ae469e5e84a25d6c29d071b

    • SSDEEP

      6144:X3nHPDm0jLAu6Y5jEw564aoJxmhuw1AFkHK/:nvbjf6YNFehQwo

    Score
    10/10
    gandcrabbackdoordiscoverypersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Gandcrab family

      gandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks