General
-
Target
2024-11-27_9d0eeac42cce64d8f8a0bb1b3b21c11d_gandcrab
-
Size
240KB
-
Sample
241127-lh4dwavjfq
-
MD5
9d0eeac42cce64d8f8a0bb1b3b21c11d
-
SHA1
70edfde80c59a36ba20a54738892a9029075f7b8
-
SHA256
6116c00004cb34d210496208cfe975e10bd481c79516fd3161dd2f972cb5e086
-
SHA512
5610b50c34174e217c0578c1f2896c6971b6971d451653114fad4b605c78c65ed92dfed38671a5f516db9ae3dea58bfbe9919fffc53d0c8705e0a65b0be6fc84
-
SSDEEP
3072:jYHVHd2NwMqqDL2/mr3IdE8we0Avu5r++ygLIaa4jRv9OtNZpHkc:jycqqDL6oREzZpEc
Malware Config
Targets
-
-
Target
2024-11-27_9d0eeac42cce64d8f8a0bb1b3b21c11d_gandcrab
-
Size
240KB
-
MD5
9d0eeac42cce64d8f8a0bb1b3b21c11d
-
SHA1
70edfde80c59a36ba20a54738892a9029075f7b8
-
SHA256
6116c00004cb34d210496208cfe975e10bd481c79516fd3161dd2f972cb5e086
-
SHA512
5610b50c34174e217c0578c1f2896c6971b6971d451653114fad4b605c78c65ed92dfed38671a5f516db9ae3dea58bfbe9919fffc53d0c8705e0a65b0be6fc84
-
SSDEEP
3072:jYHVHd2NwMqqDL2/mr3IdE8we0Avu5r++ygLIaa4jRv9OtNZpHkc:jycqqDL6oREzZpEc
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Gandcrab family
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-