gandcrab | 81b4a12c99abe9886fb677a732570d802a03c9726a98532e0b2dd8e2abeab775 | Triage

Sharing

General

Target

2024-12-31_f0de0a481bd5b0060dd940044fc94def_gandcrab
Size

70KB
Sample

241231-vydb3a1jcx
MD5

f0de0a481bd5b0060dd940044fc94def
SHA1

a7e018cbe8cd42cafec706c2308ffdfb6730d504
SHA256

81b4a12c99abe9886fb677a732570d802a03c9726a98532e0b2dd8e2abeab775
SHA512

a68559aead4a7a7167450c794e7b3e068f6b628affa0d1d15888407ce3ce86d6b626bac7493ebd502e15491746630da9b15d828ea11a777fc4089a879c033d6b
SSDEEP

1536:2ZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:ld5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2024-12-31_f0de0a481bd5b0060dd940044fc94def_gandcrab
- Size
  
  70KB
- MD5
  
  f0de0a481bd5b0060dd940044fc94def
- SHA1
  
  a7e018cbe8cd42cafec706c2308ffdfb6730d504
- SHA256
  
  81b4a12c99abe9886fb677a732570d802a03c9726a98532e0b2dd8e2abeab775
- SHA512
  
  a68559aead4a7a7167450c794e7b3e068f6b628affa0d1d15888407ce3ce86d6b626bac7493ebd502e15491746630da9b15d828ea11a777fc4089a879c033d6b
- SSDEEP
  
  1536:2ZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:ld5BJHMqqDL2/Ovvdr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence