General

  • Target

    04e703e8b4718776ba802daea0d88d5cda9b3fcbbb97e394f3bd21130f3363ebN.exe

  • Size

    301KB

  • Sample

    241219-3e7esstldm

  • MD5

    2f75c9952658f7f9c5bf84615b8a8290

  • SHA1

    d021a973c8c65a1c2f79273e1849b209c7ca8931

  • SHA256

    04e703e8b4718776ba802daea0d88d5cda9b3fcbbb97e394f3bd21130f3363eb

  • SHA512

    943be84cd3e01be995d3d456227cc877da8cb8da6247087e0bfacaa511c439b3f904e21ae8a347091f47a4865e947526c2e015be3cea95b3ca8ed0d0e27581ae

  • SSDEEP

    6144:nAOXfCzxaL+W8pZZz+FF4X4sYN+Qaf3AVwbLWJ:nVXfmax8PZz+v4+9Mu

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
