Overview

overview

10

Static

static

10

2024-11-10...ab.exe

windows7-x64

6

2024-11-10...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-11-10_f048ca32aa97fad0d344a7f1d3f26f2e_gandcrab

  • Size

    76KB

  • Sample

    241110-e3v5nszbrr

  • MD5

    f048ca32aa97fad0d344a7f1d3f26f2e

  • SHA1

    ac8aa9806dbec90f1e3e30dec5d370f95025c28d

  • SHA256

    afb7bfdf2728d33d0d227f838d8abf99122c607a585e987cdc95abc846ad86b0

  • SHA512

    53e7fc3f79ddf963992e3b55953c3f6a5e49f67dcf67ba4c42a04540fa7da0de65f459544a41ad7e34696089459c03c904e3e2493f5bd017316f5d6e9421b4a6

  • SSDEEP

    1536:D55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:fMSjOnrmBTMqqDL2/mr3IdE8we0Avu5V

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-11-10_f048ca32aa97fad0d344a7f1d3f26f2e_gandcrab

    • Size

      76KB

    • MD5

      f048ca32aa97fad0d344a7f1d3f26f2e

    • SHA1

      ac8aa9806dbec90f1e3e30dec5d370f95025c28d

    • SHA256

      afb7bfdf2728d33d0d227f838d8abf99122c607a585e987cdc95abc846ad86b0

    • SHA512

      53e7fc3f79ddf963992e3b55953c3f6a5e49f67dcf67ba4c42a04540fa7da0de65f459544a41ad7e34696089459c03c904e3e2493f5bd017316f5d6e9421b4a6

    • SSDEEP

      1536:D55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:fMSjOnrmBTMqqDL2/mr3IdE8we0Avu5V

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks