General

  • Target

    2024-12-10_579c3435b22c1518c0c1cc20a7fd0f18_gandcrab

  • Size

    83KB

  • Sample

    241210-e2d5rstmez

  • MD5

    579c3435b22c1518c0c1cc20a7fd0f18

  • SHA1

    54476c84838f173a479dc3d3177e22cf4084d94b

  • SHA256

    a6d1e69e359623ad312f8776339cf8da8f7ae14a68e4a8b75f0afa86c4f04571

  • SHA512

    46572ad96b25c4c5bd780f59f613d5a90bd09eaeb7af8779fa64d9c6f3219bba4355dc7a52620b9d3759070589987f52433504772584439ed2713b523c8dae60

  • SSDEEP

    1536:G55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:sMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/
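
The extracted C2 is not a clearnet host: `.onion.top` is a Tor2web gateway that proxies requests to the hidden service `gdcbghvjyqy7jclk.onion`, so blocking only the proxied hostname misses the same C2 reached through another gateway. The helper below, an added example that is not part of the sandbox report, recovers the underlying `.onion` name from a gateway URL and emits both indicators. The gateway suffix list is an assumption maintained by hand (well-known Tor2web domains, not taken from the report); extend it for your environment.

```python
"""Classify an extracted C2 URL: direct .onion, Tor2web-proxied .onion, or clearnet.

Added example, not from the sandbox report. TOR2WEB_SUFFIXES is an assumed,
hand-maintained list of clearnet gateways that forward <name>.<suffix> to
<name>.onion; it is not exhaustive.
"""
import re
from urllib.parse import urlsplit

# Assumed gateway list (well-known Tor2web domains, not from the report).
TOR2WEB_SUFFIXES = (
    "onion.top", "onion.ws", "onion.ly", "onion.pet", "onion.link",
    "onion.cab", "onion.city", "onion.to", "tor2web.org", "tor2web.io",
)

# v2 onion names are 16 base32 chars, v3 names are 56 base32 chars.
ONION_NAME = re.compile(r"^[a-z2-7]{16}$|^[a-z2-7]{56}$")


def classify_c2(url: str) -> dict:
    """Return {"host", "onion", "gateway", "kind"} for a URL.

    kind is "onion" (direct hidden service), "tor2web" (hidden service
    reached through a clearnet proxy) or "clearnet".
    """
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    # Direct .onion address.
    if len(labels) >= 2 and labels[-1] == "onion" and ONION_NAME.match(labels[-2]):
        return {"host": host, "onion": labels[-2] + ".onion", "gateway": None, "kind": "onion"}
    # <onion-name>.<gateway-suffix>: strip the suffix, validate the name.
    for suffix in TOR2WEB_SUFFIXES:
        sfx = suffix.split(".")
        if len(labels) > len(sfx) and labels[-len(sfx):] == sfx:
            name = labels[-len(sfx) - 1]
            if ONION_NAME.match(name):
                return {"host": host, "onion": name + ".onion", "gateway": suffix, "kind": "tor2web"}
    return {"host": host, "onion": None, "gateway": None, "kind": "clearnet"}


def block_list(url: str) -> list[str]:
    """Indicators to block or alert on: the proxied host plus the real hidden
    service, so a switch to a different gateway is still caught."""
    c = classify_c2(url)
    out = [c["host"]] if c["host"] else []
    if c["onion"] and c["onion"] != c["host"]:
        out.append(c["onion"])
    return out


if __name__ == "__main__":
    # C2 URL exactly as extracted from the sample's config above.
    c2 = "http://gdcbghvjyqy7jclk.onion.top/"
    print(classify_c2(c2))
    print(block_list(c2))
```

Run it against the C2 above and the result is kind `tor2web`, gateway `onion.top`, hidden service `gdcbghvjyqy7jclk.onion`; the block list carries both names. The sixteen-character name marks it as a v2 onion address, which the Tor network no longer serves, so a live beacon to this host today will fail at the gateway rather than reach the operators.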

Targets

    • Target

      2024-12-10_579c3435b22c1518c0c1cc20a7fd0f18_gandcrab

    • Size

      83KB

    • MD5

      579c3435b22c1518c0c1cc20a7fd0f18

    • SHA1

      54476c84838f173a479dc3d3177e22cf4084d94b

    • SHA256

      a6d1e69e359623ad312f8776339cf8da8f7ae14a68e4a8b75f0afa86c4f04571

    • SHA512

      46572ad96b25c4c5bd780f59f613d5a90bd09eaeb7af8779fa64d9c6f3219bba4355dc7a52620b9d3759070589987f52433504772584439ed2713b523c8dae60

    • SSDEEP

      1536:G55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:sMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
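
The "Adds Run key" behaviour is persistence via the registry autostart keys (ATT&CK T1547.001); the report does not name the value or path the sample writes, so any detection has to be generic. The following is an added example, not part of the sandbox report: it scans Sysmon Event ID 13 (RegistryEvent: value set) records for writes under the Run/RunOnce family and rates a hit higher when the registered command points into a user-writable directory, which is what a dropper running from Temp or AppData produces. The records are constructed for illustration in a flat `field=value` form; real Sysmon output is EVTX/XML and needs its own parser, and the value names, SIDs and paths in the samples are made up. Drive enumeration, the other listed behaviour, is observed by API hooking in the sandbox and leaves no comparable registry trace, so it is not covered here.

```python
"""Flag registry writes that establish Run-key persistence (ATT&CK T1547.001).

Added example, not from the sandbox report. Input is a list of constructed
Sysmon Event ID 13 records written as "field=value" pairs separated by "|";
value names, SIDs and paths below are invented for illustration.
"""
import re

# Autostart keys Windows executes at logon (HKLM or per-user hive, 32-bit
# redirected view included).
RUN_KEY = re.compile(
    r"\\(?:wow6432node\\)?microsoft\\windows\\currentversion\\"
    r"(?:run|runonce|runonceex|runservices|runservicesonce|"
    r"policies\\explorer\\run)\\([^\\]+)$",
    re.IGNORECASE,
)

# Locations an unprivileged user (or a dropper) can write to; a Run entry
# pointing here is far more suspicious than one under Program Files.
USER_WRITABLE = re.compile(
    r"\\(?:users\\[^\\]+\\appdata|users\\public|programdata|windows\\temp)\\",
    re.IGNORECASE,
)

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    "EventID=13|Image=C:\\Program Files\\Vendor\\updater.exe"
    "|TargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorUpdate"
    "|Details=\"C:\\Program Files\\Vendor\\updater.exe\" /background",
    "EventID=13|Image=C:\\Users\\alice\\AppData\\Local\\Temp\\sample.exe"
    "|TargetObject=HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\sample"
    "|Details=C:\\Users\\alice\\AppData\\Local\\Temp\\sample.exe",
    "EventID=13|Image=C:\\Windows\\System32\\msiexec.exe"
    "|TargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Foo\\DisplayName"
    "|Details=Foo 1.0",
    "EventID=12|Image=C:\\Users\\alice\\AppData\\Local\\Temp\\sample.exe"
    "|TargetObject=HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
]


def parse_event(line: str) -> dict:
    """Split one constructed record into its fields."""
    return dict(field.split("=", 1) for field in line.split("|"))


def run_key_hits(lines) -> list[dict]:
    """Return one finding per value written under an autostart key."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "13":
            continue  # only value-set events carry the registered command
        m = RUN_KEY.search(ev.get("TargetObject", ""))
        if not m:
            continue
        command = ev.get("Details", "")
        writer = ev.get("Image", "")
        # Either the command being registered or the process registering it
        # lives in a user-writable path: typical of a freshly dropped payload.
        suspicious = bool(USER_WRITABLE.search(command) or USER_WRITABLE.search(writer))
        hits.append({
            "value_name": m.group(1),
            "command": command,
            "writer": writer,
            "severity": "high" if suspicious else "low",
        })
    return hits


if __name__ == "__main__":
    for hit in run_key_hits(SAMPLE_EVENTS):
        print(hit)
```

On the constructed input this yields two findings: the vendor updater under Program Files at `low` and the Temp-resident `sample.exe` registering itself at `high`; the Uninstall write and the bare key-creation event (ID 12) are ignored. Pair the `high` finding with the sample's hashes above to confirm which binary was written.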

MITRE ATT&CK Enterprise v15

Tasks