Overview

overview

10

Static

static

10

2025-01-01...ab.exe

windows7-x64

10

2025-01-01...ab.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-01_763b0a9ac007c48d8bbd16316eab02c5_gandcrab

  • Size

    73KB

  • Sample

    250101-xfcnxszrhm

  • MD5

    763b0a9ac007c48d8bbd16316eab02c5

  • SHA1

    de8fac3e92690bb6f53e0211df4e7a1618de02db

  • SHA256

    579ac76e78673f2388ec8a23d6b730e68a3819f5ea0bee24b4663bc7722fda9f

  • SHA512

    7919ef6f9cc083977c181b56769d4075433465d654fb517eaaf4178463207b85548d600b388d992458e2d94963dd7aa91698242e0cc474cd5cb01112da72a16c

  • SSDEEP

    1536:HZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd6:PBounVyFHpfMqqDL2/Lkvd6

Score
10/10
gandcrabbackdoordiscoverypersistenceransomware

Malware Config

Targets

    • Target

      2025-01-01_763b0a9ac007c48d8bbd16316eab02c5_gandcrab

    • Size

      73KB

    • MD5

      763b0a9ac007c48d8bbd16316eab02c5

    • SHA1

      de8fac3e92690bb6f53e0211df4e7a1618de02db

    • SHA256

      579ac76e78673f2388ec8a23d6b730e68a3819f5ea0bee24b4663bc7722fda9f

    • SHA512

      7919ef6f9cc083977c181b56769d4075433465d654fb517eaaf4178463207b85548d600b388d992458e2d94963dd7aa91698242e0cc474cd5cb01112da72a16c

    • SSDEEP

      1536:HZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd6:PBounVyFHpfMqqDL2/Lkvd6

    Score
    10/10
    gandcrabbackdoordiscoverypersistenceransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Gandcrab family

      gandcrab

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks