General

  • Target

    2024-12-17_5d5df2a46dd72b9e786b618e5455d248_gandcrab

  • Size

    73KB

  • Sample

    241217-rymnysspcj

  • MD5

    5d5df2a46dd72b9e786b618e5455d248

  • SHA1

    ab904f9f17f91f9b4573c618b7b19b464dc67d37

  • SHA256

    ae8f1a454a2d8231717cf68aa941132e527b2f636fa7ae76b9ed53a938e44de5

  • SHA512

    785bc65e999e618c32ce3934931815d8f5b38cf82340d9ed26379c6759273b86b488eb0d6b5e9b2a70c5c73887376b0ec921d4a135962c1a79e042243d81b5df

  • SSDEEP

    1536:S55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:oMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Malware Config

Extracted

  • Family

    gandcrab

  • C2

    http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks