General
-
Target
2024-12-17_ec78f59b804d908df1cee0ce7d5861dc_gandcrab
-
Size
73KB
-
Sample
241217-g6556asqfw
-
MD5
ec78f59b804d908df1cee0ce7d5861dc
-
SHA1
3e1000b5763b0f560e8254c6fedcd0aeb8ec0c48
-
SHA256
4df689d638efab4c3363c6fe0439d35d462238faf3515e3153bd09f04142989b
-
SHA512
421483d863f7aabe68870340180683fe5f1bf6bb533eb99e22ea6ab764d9ec7c2c4736fc28813be6396de1bba950503058ab3473ea267a50eba57841b78d32ca
-
SSDEEP
1536:655u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:gMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h
Behavioral task
behavioral1
Sample
2024-12-17_ec78f59b804d908df1cee0ce7d5861dc_gandcrab.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-12-17_ec78f59b804d908df1cee0ce7d5861dc_gandcrab.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
-
Target
2024-12-17_ec78f59b804d908df1cee0ce7d5861dc_gandcrab
-
Size
73KB
-
MD5
ec78f59b804d908df1cee0ce7d5861dc
-
SHA1
3e1000b5763b0f560e8254c6fedcd0aeb8ec0c48
-
SHA256
4df689d638efab4c3363c6fe0439d35d462238faf3515e3153bd09f04142989b
-
SHA512
421483d863f7aabe68870340180683fe5f1bf6bb533eb99e22ea6ab764d9ec7c2c4736fc28813be6396de1bba950503058ab3473ea267a50eba57841b78d32ca
-
SSDEEP
1536:655u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:gMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h
Score6/10-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-