General

  • Target

    2024-12-17_ec78f59b804d908df1cee0ce7d5861dc_gandcrab

  • Size

    73KB

  • Sample

    241217-g6556asqfw

  • MD5

    ec78f59b804d908df1cee0ce7d5861dc

  • SHA1

    3e1000b5763b0f560e8254c6fedcd0aeb8ec0c48

  • SHA256

    4df689d638efab4c3363c6fe0439d35d462238faf3515e3153bd09f04142989b

  • SHA512

    421483d863f7aabe68870340180683fe5f1bf6bb533eb99e22ea6ab764d9ec7c2c4736fc28813be6396de1bba950503058ab3473ea267a50eba57841b78d32ca

  • SSDEEP

    1536:655u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:gMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

gdcbghvjyqy7jclk.onion is the Tor hidden service used by this family; the .onion.top suffix routes it through a clearnet Tor2web-style gateway, so contact with this C2 appears on the wire as ordinary DNS and HTTP traffic to the host gdcbghvjyqy7jclk.onion.top rather than as Tor traffic, which is what network detections should key on.

Targets

    • Target

      2024-12-17_ec78f59b804d908df1cee0ce7d5861dc_gandcrab

    • Adds Run key to start application

      Writes a value under a ...\Microsoft\Windows\CurrentVersion\Run key so the sample is launched again at the next logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive. For a ransomware family this is the volume-discovery step that typically precedes file enumeration and encryption on those drives.
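The following is an added example, not part of the original sandbox report: a small Python IOC matcher built from the report's own values (the four file hashes and the C2 URL above) that checks a file's digests against them and scans log lines for the two behaviours listed, a Run-key write and contact with the C2 host. The log line formats are assumed (a Sysmon-like "EventID=13 ... TargetObject=..." registry event and a generic proxy line with a host field), and the sample log lines are constructed for illustration, not taken from the sandbox run.

```python
import hashlib
import re
from urllib.parse import urlparse

# Indicators copied from the report's General and Malware Config sections.
IOC_HASHES = {
    "md5": "ec78f59b804d908df1cee0ce7d5861dc",
    "sha1": "3e1000b5763b0f560e8254c6fedcd0aeb8ec0c48",
    "sha256": "4df689d638efab4c3363c6fe0439d35d462238faf3515e3153bd09f04142989b",
    "sha512": ("421483d863f7aabe68870340180683fe5f1bf6bb533eb99e22ea6ab764d9ec7c"
               "2c4736fc28813be6396de1bba950503058ab3473ea267a50eba57841b78d32ca"),
}
IOC_C2_URL = "http://gdcbghvjyqy7jclk.onion.top/"
IOC_C2_HOST = urlparse(IOC_C2_URL).hostname  # gdcbghvjyqy7jclk.onion.top

# Autostart registry paths that the "Adds Run key" behaviour writes to
# (HKLM or HKCU/HKU ...\Microsoft\Windows\CurrentVersion\Run or RunOnce).
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\",
                        re.IGNORECASE)


def digest_bytes(data: bytes) -> dict:
    """Compute the same four digests the report lists, as lower-case hex."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in IOC_HASHES}


def digest_file(path: str) -> dict:
    """Hash a file on disk; reading it whole is fine for a 73 KB sample."""
    with open(path, "rb") as fh:
        return digest_bytes(fh.read())


def matching_algorithms(digests: dict) -> list:
    """Algorithms whose digest equals the report's value for this sample."""
    return [alg for alg, val in IOC_HASHES.items()
            if digests.get(alg, "").lower() == val]


def classify_log_line(line: str):
    """Return a reason string if the line shows one of the report's
    behaviours or the C2 host, else None. Assumed line shapes: a Sysmon-like
    registry event 'EventID=13 ... TargetObject=<path>' and a proxy line that
    carries the contacted host somewhere in the text."""
    if IOC_C2_HOST and IOC_C2_HOST.lower() in line.lower():
        return f"contact with GandCrab C2 host {IOC_C2_HOST}"
    target = re.search(r"TargetObject=(\S+)", line)
    if "EventID=13" in line and target and RUN_KEY_RE.search(target.group(1)):
        return f"Run-key persistence written: {target.group(1)}"
    return None


def scan_logs(lines) -> list:
    """(line number, reason) for every line that fires."""
    hits = []
    for n, line in enumerate(lines, start=1):
        reason = classify_log_line(line)
        if reason:
            hits.append((n, reason))
    return hits


# Constructed sample log lines (illustrative, not from the sandbox run).
SAMPLE_LOGS = [
    "EventID=13 Image=C:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe "
    "TargetObject=HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\updater "
    "Details=C:\\Users\\victim\\AppData\\Local\\Temp\\sample.exe",
    "EventID=13 Image=C:\\Windows\\explorer.exe "
    "TargetObject=HKCU\\Software\\Classes\\Local Settings\\MuiCache Details=foo",
    "proxy src=10.0.0.7 method=GET host=gdcbghvjyqy7jclk.onion.top url=/ status=200",
    "proxy src=10.0.0.7 method=GET host=update.example.invalid url=/ status=200",
]

if __name__ == "__main__":
    for n, reason in scan_logs(SAMPLE_LOGS):
        print(f"line {n}: {reason}")
    print("algorithms matching a random blob:",
          matching_algorithms(digest_bytes(b"not the sample")))
```

To check a suspect file, call `matching_algorithms(digest_file(path))`; all four algorithms should agree for the real sample, and a partial match (for example md5 only) points at a collision or a transcription error rather than the same file. The Run-key check is the one that generalises beyond this sample: any Sysmon registry-set event whose target falls under a Run or RunOnce key and whose writing image lives in a user-writable directory deserves a look regardless of hash.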

MITRE ATT&CK Enterprise v15

  • Persistence: T1547.001 Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (Adds Run key to start application)

  • Discovery: T1082 System Information Discovery (Enumerates connected drives)

Tasks