General

  • Target

    2024-12-20_6e3234c14907b7b73d9440160342cb71_gandcrab

  • Size

    73KB

  • Sample

    241220-f9vm6a1khv

  • MD5

    6e3234c14907b7b73d9440160342cb71

  • SHA1

    a81ea18793cc2242d49843ba62d4118b0e3775d3

  • SHA256

    30a1f866280131788832e96b4d98f215ad4feeef67bd8c74770da9a4728c79cc

  • SHA512

    f50bc1da31255687a3f6b0aba8d68bbdf0a1dc2f3e12fcc6bdd13dda5eef6ec75dc6ee8af85ba88b9f830dadf11ad3ef63f0ab760c863759231146538d2c2b63

  • SSDEEP

    1536:tgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdvd:tMSjOnrmBbMqqMmr3IdE8we0Avu5r++P

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2024-12-20_6e3234c14907b7b73d9440160342cb71_gandcrab

    • Size

      73KB

    • MD5

      6e3234c14907b7b73d9440160342cb71

    • SHA1

      a81ea18793cc2242d49843ba62d4118b0e3775d3

    • SHA256

      30a1f866280131788832e96b4d98f215ad4feeef67bd8c74770da9a4728c79cc

    • SHA512

      f50bc1da31255687a3f6b0aba8d68bbdf0a1dc2f3e12fcc6bdd13dda5eef6ec75dc6ee8af85ba88b9f830dadf11ad3ef63f0ab760c863759231146538d2c2b63

    • SSDEEP

      1536:tgSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdvd:tMSjOnrmBbMqqMmr3IdE8we0Avu5r++P

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks