General

  • Target

    2024-12-13_8eabde2efee34e7297e8839265586a20_gandcrab

  • Size

    73KB

  • Sample

    241213-mf433axlek

  • MD5

    8eabde2efee34e7297e8839265586a20

  • SHA1

    dd5c8fa72bca83d78897e5d541d2a9f05d3c21f6

  • SHA256

    56f4ffd1209a1db5dd8568d62ad414d87629d7f3a4ea812d0a46042b56ed24be

  • SHA512

    f1fd491a70528b62f12811a3945c1465636f848a8b3655ab63bd2355885b97a542a59f79a84b4ad521f2524c01ae6c5d8e33506f83fe0603fb649cb084cdeb93

  • SSDEEP

    1536:EgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:EMSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.