General

  • Target

    6e66f43e8d687066e6a3225cbdc1a325c494569ac3c9e6e19195826d75782253

  • Size

    73KB

  • Sample

    241212-yab1wavndx

  • MD5

    27b95186af23d7d91b1b213b522a9f6a

  • SHA1

    a095fb314df0d4e25e3c1bf239200f62a96930d7

  • SHA256

    6e66f43e8d687066e6a3225cbdc1a325c494569ac3c9e6e19195826d75782253

  • SHA512

    036442578614ef60a2329fcf7a5a8ec06afc9fbdbb5680716c1f88a7e938a5e88726ee5773392eeccf6b6157f09c4d734611feaaa9b75d55df4d6e0ac49f0d68

  • SSDEEP

    1536:t55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:FMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/
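The hashes and C2 host above are the actionable indicators in this report. The host sits under `.onion.top`, a Tor2web-style gateway that resolves over ordinary DNS, so the beacon appears in normal proxy/DNS logs rather than requiring Tor on the victim. The following Python is an added example, not part of the sandbox report: it sweeps a directory for files matching the report's hashes and classifies proxy log lines by host. The hash values and C2 host are copied from the report; the proxy log lines, directory layout and the `.onion.<tld>` gateway heuristic are assumptions constructed for the example.

```python
"""Hunt for this report's indicators: file hashes on disk, C2 host in proxy logs.

Added example; not part of the sandbox report. Hash values and C2 host come
from the report, everything else here is constructed for illustration.
"""
import hashlib
import re
from pathlib import Path

# Indicators copied from the report (General / Malware Config sections).
KNOWN_HASHES = {
    "md5": "27b95186af23d7d91b1b213b522a9f6a",
    "sha1": "a095fb314df0d4e25e3c1bf239200f62a96930d7",
    "sha256": "6e66f43e8d687066e6a3225cbdc1a325c494569ac3c9e6e19195826d75782253",
    "sha512": "036442578614ef60a2329fcf7a5a8ec06afc9fbdbb5680716c1f88a7e938a5e88726ee5773392eeccf6b6157f09c4d734611feaaa9b75d55df4d6e0ac49f0d68",
}
C2_HOST = "gdcbghvjyqy7jclk.onion.top"

# Heuristic (assumption): any host under ".onion.<tld>" is a Tor2web gateway,
# which ordinary workstations have no business talking to.
GATEWAY_RE = re.compile(r"\.onion\.[a-z]{2,}$")
# Assumption: the proxy log carries full URLs; adapt if your log has a host column.
HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")


def hash_bytes(data: bytes) -> dict:
    """Digest a buffer with every algorithm the report lists, keyed like KNOWN_HASHES."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in KNOWN_HASHES}


def hash_file(path, chunk_size: int = 1 << 20) -> dict:
    """Digest a file incrementally so large files are never read into memory whole."""
    hashers = {alg: hashlib.new(alg) for alg in KNOWN_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def matching_algorithms(digests: dict) -> list:
    """Algorithms whose digest equals the report's. Empty means no match.

    A partial match (say md5 only) would mean a collision or a transcription
    error in the IOC list, so the caller should look at the full list, not a bool.
    """
    return sorted(alg for alg, hexd in digests.items() if hexd == KNOWN_HASHES.get(alg))


def sweep_directory(root) -> list:
    """Return [(path, [matched algorithms]), ...] for files matching the sample."""
    hits = []
    for p in Path(root).rglob("*"):
        if p.is_file():
            algs = matching_algorithms(hash_file(p))
            if algs:
                hits.append((str(p), algs))
    return hits


def classify_log_line(line: str) -> str:
    """'c2' for the exact C2 host, 'gateway' for any other .onion.<tld> host, else 'clean'."""
    m = HOST_RE.search(line)
    if not m:
        return "clean"
    host = m.group(1).lower()
    if host == C2_HOST:
        return "c2"
    if GATEWAY_RE.search(host):
        return "gateway"
    return "clean"


def scan_proxy_log(lines) -> dict:
    """Bucket log lines by verdict so the c2 and gateway hits can be triaged first."""
    buckets = {"c2": [], "gateway": [], "clean": []}
    for line in lines:
        buckets[classify_log_line(line)].append(line)
    return buckets


# Constructed proxy log lines for demonstration (not real traffic).
SAMPLE_PROXY_LOG = [
    "2024-12-12T10:01:03Z 10.0.0.12 GET http://gdcbghvjyqy7jclk.onion.top/ 200",
    "2024-12-12T10:01:05Z 10.0.0.12 GET http://example.com/index.html 200",
    "2024-12-12T10:02:11Z 10.0.0.15 GET http://abcdefghijklmnop.onion.to/ 404",
]

if __name__ == "__main__":
    for verdict, hits in scan_proxy_log(SAMPLE_PROXY_LOG).items():
        print(verdict, len(hits))
    print(sweep_directory("."))
```

The SSDEEP hash in the report is deliberately left out of this sweep: fuzzy matching needs the `ssdeep` library and a similarity threshold, whereas the cryptographic hashes above give exact-match verdicts you can act on without tuning.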

Targets

    • Target

      6e66f43e8d687066e6a3225cbdc1a325c494569ac3c9e6e19195826d75782253

    • Size

      73KB

    • MD5

      27b95186af23d7d91b1b213b522a9f6a

    • SHA1

      a095fb314df0d4e25e3c1bf239200f62a96930d7

    • SHA256

      6e66f43e8d687066e6a3225cbdc1a325c494569ac3c9e6e19195826d75782253

    • SHA512

      036442578614ef60a2329fcf7a5a8ec06afc9fbdbb5680716c1f88a7e938a5e88726ee5773392eeccf6b6157f09c4d734611feaaa9b75d55df4d6e0ac49f0d68

    • SSDEEP

      1536:t55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:FMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive, which is how ransomware such as GandCrab discovers additional volumes to encrypt.
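The "Adds Run key" signature above corresponds to Sysmon Event ID 13 (registry value set) on a `...\CurrentVersion\Run` or `RunOnce` value. A bare Run-key write is noisy on real endpoints (installers do it constantly), so the Python below, an added example and not part of the sandbox report, only reports a write when a second indicator backs it up: the autostart target or the writing process lives in a user-writable directory, or the process registers its own binary. The event lines, their tab-separated `Field=Value` layout, file paths and the list of suspicious directories are assumptions constructed for the example; the field names mirror Sysmon's.

```python
"""Flag Run-key persistence in Sysmon Event ID 13 (registry SetValue) events.

Added example, not from the sandbox report. Event lines are constructed in a
simple "Field=Value<TAB>Field=Value" layout that mimics Sysmon field names.
"""
import re

# Matches a value under HKLM/HKCU/HKU ...\CurrentVersion\Run or RunOnce.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$",
    re.IGNORECASE,
)
# Assumption: directories a legitimate installer rarely uses for an autostart
# binary but malware dropped from a user context commonly does.
SUSPICIOUS_DIRS = (
    r"\appdata\roaming", r"\appdata\local\temp", r"\programdata",
    r"\users\public", r"\windows\temp",
)


def parse_event(line: str) -> dict:
    """Parse one constructed 'Field=Value' tab-separated line into a dict."""
    return dict(part.split("=", 1) for part in line.rstrip("\n").split("\t") if "=" in part)


def in_suspicious_dir(path: str) -> bool:
    p = path.strip('"').lower()
    return any(d in p for d in SUSPICIOUS_DIRS)


def assess_event(ev: dict) -> list:
    """Reasons this event looks like Run-key persistence; [] if not a Run-key write."""
    if ev.get("EventID") != "13" or ev.get("EventType", "SetValue") != "SetValue":
        return []
    if not RUN_KEY_RE.search(ev.get("TargetObject", "")):
        return []
    reasons = ["run_key_set"]
    details = ev.get("Details", "").strip('"').lower()   # value data: the autostart command
    image = ev.get("Image", "").strip('"').lower()       # process that wrote the value
    if in_suspicious_dir(details):
        reasons.append("autostart_target_in_user_writable_dir")
    if in_suspicious_dir(image):
        reasons.append("writer_in_user_writable_dir")
    if image and image in details:
        reasons.append("self_registration")
    return reasons


def detect(lines) -> list:
    """Report Run-key writes that carry at least one corroborating indicator."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        reasons = assess_event(ev)
        if len(reasons) > 1:
            findings.append({
                "image": ev.get("Image"),
                "target": ev.get("TargetObject"),
                "details": ev.get("Details"),
                "reasons": reasons,
            })
    return findings


# Constructed events: a vendor updater (benign), a dropper in Temp registering
# a payload in AppData (suspicious), and an unrelated registry write (ignored).
SAMPLE_EVENTS = [
    "\t".join([
        "EventID=13", "EventType=SetValue",
        r"Image=C:\Program Files\Vendor\setup.exe",
        r"TargetObject=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorUpdater",
        r"Details=C:\Program Files\Vendor\updater.exe",
    ]),
    "\t".join([
        "EventID=13", "EventType=SetValue",
        r"Image=C:\Users\alice\AppData\Local\Temp\invoice.exe",
        r"TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\WinUpdate",
        r"Details=C:\Users\alice\AppData\Roaming\Microsoft\winupdate.exe",
    ]),
    "\t".join([
        "EventID=13", "EventType=SetValue",
        r"Image=C:\Windows\explorer.exe",
        r"TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
        "Details=DWORD (0x00000001)",
    ]),
]

if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f["image"], "->", f["target"], f["reasons"])
```

Tune `SUSPICIOUS_DIRS` to your estate before deploying; the corroboration rule is what keeps this usable, since alerting on every Run-key write buries the real finding under installer noise.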

MITRE ATT&CK Enterprise v15