General

  • Target

    94f5d8e1f8eaf0341fcdc34bba042030ac611fdf489c1737cce28cc23d68c4f2

  • Size

    171KB

  • Sample

    241217-bbbeeavqcy

  • MD5

    d7c25072c2ce1434f6b2cffe35a7e8c8

  • SHA1

    6bec15bcb1a156476036f0a30724dc321eed5eea

  • SHA256

    94f5d8e1f8eaf0341fcdc34bba042030ac611fdf489c1737cce28cc23d68c4f2

  • SHA512

    590f107882846042d5a73db6eda36a526a44c7f260064562712652bff27c13298342dae648405db77e51a98f9209710eb53450a818ba093060601383d603e720

  • SSDEEP

    3072:zjQgjwASMrYRL9xNg2WvKpRsDCEQUbVu8JGYg1Yv/O/j2H3HnBBr:H9+AvyRw/bVuaGckj2XH7

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
