General
-
Target
b1841d74fadb248b93948a491cd246f806f5d54eb9c86f7f4f39dea7f171d43d.exe
-
Size
240KB
-
Sample
241203-nbtbfaspht
-
MD5
13e954a87528e640b5b07ecb7b734c2a
-
SHA1
f56431bb6a91fdb107765e9e5c3fea3bf48759e8
-
SHA256
b1841d74fadb248b93948a491cd246f806f5d54eb9c86f7f4f39dea7f171d43d
-
SHA512
49453814223d89e890db7d5255073f045014302f3acd79e043f80c12e56b076d473f904bb48030770fe198dd248ed1b193115d8e552868fe622c1c98cd509dcd
-
SSDEEP
3072:YYHVHd2NwMqqDL2/mr3IdE8we0Avu5r++ygLIaa4jRv9OtNZpHkE:YycqqDL6oREzZpEE
Malware Config
Targets
-
-
Target
b1841d74fadb248b93948a491cd246f806f5d54eb9c86f7f4f39dea7f171d43d.exe
-
Size
240KB
-
MD5
13e954a87528e640b5b07ecb7b734c2a
-
SHA1
f56431bb6a91fdb107765e9e5c3fea3bf48759e8
-
SHA256
b1841d74fadb248b93948a491cd246f806f5d54eb9c86f7f4f39dea7f171d43d
-
SHA512
49453814223d89e890db7d5255073f045014302f3acd79e043f80c12e56b076d473f904bb48030770fe198dd248ed1b193115d8e552868fe622c1c98cd509dcd
-
SSDEEP
3072:YYHVHd2NwMqqDL2/mr3IdE8we0Avu5r++ygLIaa4jRv9OtNZpHkE:YycqqDL6oREzZpEE
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Gandcrab family
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-