General
-
Target
30d4ba9cc006be76d764fc5ef20d9f4a96b27524505daa01f3ae2e0f0dcf5785N.exe
-
Size
119KB
-
Sample
241219-fgx8kszncp
-
MD5
fe092747abcb1b58057a4d0ce657af00
-
SHA1
3db189e55d8d3b6c12401cf7f7393f7a13962dea
-
SHA256
30d4ba9cc006be76d764fc5ef20d9f4a96b27524505daa01f3ae2e0f0dcf5785
-
SHA512
876231f29148fc899a7a0e1be689100833cdeac65ea75ae84a0b14417c56f2bce8fd16fbabe6512545161f33979cd1e7df5b94108039532e9f57e1f1712245f8
-
SSDEEP
3072:tzuPVLDaAA3d2C9hQssDh7a7I4M3FyOO3+Bout8lc:qDvSb4f9a7IFLO3ioS8K
Behavioral task
behavioral1
Sample
30d4ba9cc006be76d764fc5ef20d9f4a96b27524505daa01f3ae2e0f0dcf5785N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
30d4ba9cc006be76d764fc5ef20d9f4a96b27524505daa01f3ae2e0f0dcf5785N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
-
Target
30d4ba9cc006be76d764fc5ef20d9f4a96b27524505daa01f3ae2e0f0dcf5785N.exe
-
Size
119KB
-
MD5
fe092747abcb1b58057a4d0ce657af00
-
SHA1
3db189e55d8d3b6c12401cf7f7393f7a13962dea
-
SHA256
30d4ba9cc006be76d764fc5ef20d9f4a96b27524505daa01f3ae2e0f0dcf5785
-
SHA512
876231f29148fc899a7a0e1be689100833cdeac65ea75ae84a0b14417c56f2bce8fd16fbabe6512545161f33979cd1e7df5b94108039532e9f57e1f1712245f8
-
SSDEEP
3072:tzuPVLDaAA3d2C9hQssDh7a7I4M3FyOO3+Bout8lc:qDvSb4f9a7IFLO3ioS8K
-
GandCrab payload
-
Gandcrab family
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-