General

  • Target

    1be6d76ab1f5d4fa2c72a2df61ac1ba2dd99ae5911b9eb25e599cba8e9ec1500N.exe

  • Size

    240KB

  • Sample

    241124-ypjz2awqcx

  • MD5

    06bb3e26f98fd902f3f023c5bedb1850

  • SHA1

    bacd24ac09f24a8102e78e56bc1b8c33b103d6a5

  • SHA256

    1be6d76ab1f5d4fa2c72a2df61ac1ba2dd99ae5911b9eb25e599cba8e9ec1500

  • SHA512

    37441a65c36916ef40b8a2e79bf935ee9abd8a08fef43b3dbdd5a404c0d78297edbcfe33eb40624de306a155a1be16b1c729c71f30f1324131cffc3c2cd987d2

  • SSDEEP

    3072:LYHVHd2NwMqqDL2/mr3IdE8we0Avu5r++ygLIaa4jRv9OtNZpHk:LycqqDL6oREzZpE

Malware Config

Targets

    • Target

      1be6d76ab1f5d4fa2c72a2df61ac1ba2dd99ae5911b9eb25e599cba8e9ec1500N.exe

    • Size

      240KB

    • MD5

      06bb3e26f98fd902f3f023c5bedb1850

    • SHA1

      bacd24ac09f24a8102e78e56bc1b8c33b103d6a5

    • SHA256

      1be6d76ab1f5d4fa2c72a2df61ac1ba2dd99ae5911b9eb25e599cba8e9ec1500

    • SHA512

      37441a65c36916ef40b8a2e79bf935ee9abd8a08fef43b3dbdd5a404c0d78297edbcfe33eb40624de306a155a1be16b1c729c71f30f1324131cffc3c2cd987d2

    • SSDEEP

      3072:LYHVHd2NwMqqDL2/mr3IdE8we0Avu5r++ygLIaa4jRv9OtNZpHk:LycqqDL6oREzZpE

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks