Overview

overview

10

Static

static

10

2025-01-01...ab.exe

windows7-x64

6

2025-01-01...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-01_140f60aaca04b1992e5a7c7eef5aef46_gandcrab

  • Size

    75KB

  • Sample

    250101-w5jcbsxmdw

  • MD5

    140f60aaca04b1992e5a7c7eef5aef46

  • SHA1

    ae1da750275861bf6effad1cdc6604fd237f20ea

  • SHA256

    8ffd9bcd839adbed98c285898ff717035b73001f8d3a84fc575c62ebef56406c

  • SHA512

    825cfc5da1134eed24fd2865d544b1b11c8da11275d20a89946694ac0ff645a961ed49e94486eb8d59bd91bf56d703cba26aded5b14d78e83e9512c3d3390db0

  • SSDEEP

    1536:F555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rA:CMSjOnrmBxMqqDL2/mr3IdE8we0Avu50

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-01_140f60aaca04b1992e5a7c7eef5aef46_gandcrab

    • Size

      75KB

    • MD5

      140f60aaca04b1992e5a7c7eef5aef46

    • SHA1

      ae1da750275861bf6effad1cdc6604fd237f20ea

    • SHA256

      8ffd9bcd839adbed98c285898ff717035b73001f8d3a84fc575c62ebef56406c

    • SHA512

      825cfc5da1134eed24fd2865d544b1b11c8da11275d20a89946694ac0ff645a961ed49e94486eb8d59bd91bf56d703cba26aded5b14d78e83e9512c3d3390db0

    • SSDEEP

      1536:F555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rA:CMSjOnrmBxMqqDL2/mr3IdE8we0Avu50

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks