General
Target
675c5b27af9009f66e92d8b4188bdb84838b7b167614841df47b5c470f4f0f9bN.exe
Size
231KB
Sample
241218-g9rryaxles
MD5
1e5310906b2196362596f361e7fd55c0
SHA1
3d9e2fcd9a0b53c8493dfea67e04bf8adfdd1402
SHA256
675c5b27af9009f66e92d8b4188bdb84838b7b167614841df47b5c470f4f0f9b
SHA512
ac7e25075199e0664f8a0caaa4f994c4bd6bcd3e49f27b0a2bd89832d528115dfd3041450c8e52055546bca1d4e6c186262783df04c22f6cad10419ef2f236bb
SSDEEP
3072:RPgE0E5wfNm5RQ9vGeriZuxqrzmT0MKgM2Au2c5L97zPy+yc4WABa/KC:RPgEifAIOe6eOqAMKgMy5B7G25
Static task
static1
Behavioral task
behavioral1
Sample
675c5b27af9009f66e92d8b4188bdb84838b7b167614841df47b5c470f4f0f9bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
675c5b27af9009f66e92d8b4188bdb84838b7b167614841df47b5c470f4f0f9bN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
675c5b27af9009f66e92d8b4188bdb84838b7b167614841df47b5c470f4f0f9bN.exe
Score
10/10

GandCrab payload

Gandcrab family

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.