Overview

overview

10

Static

static

10

2025-01-01...ab.exe

windows7-x64

6

2025-01-01...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-01_4eee1bee7939dc55838e3d7793ac34d5_gandcrab

  • Size

    73KB

  • Sample

    250101-yc7kkasqgp

  • MD5

    4eee1bee7939dc55838e3d7793ac34d5

  • SHA1

    b72717e4f194d8387906064f36cd74644dfd8ad3

  • SHA256

    e9b81a71b02eadbd0c9167e4b8fadb76e18f87a2b0c5f45cbedce7ceb44d0525

  • SHA512

    b4d24dc29db1886a82f15c143495fcbd51dd574be41f194baa43c96640c68c40aa3404bd0f8e00f51f774f7fca148c230af38e454a63381d7005eb3e38e81c59

  • SSDEEP

    1536:b555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5ry:8MSjOnrmBxMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-01_4eee1bee7939dc55838e3d7793ac34d5_gandcrab

    • Size

      73KB

    • MD5

      4eee1bee7939dc55838e3d7793ac34d5

    • SHA1

      b72717e4f194d8387906064f36cd74644dfd8ad3

    • SHA256

      e9b81a71b02eadbd0c9167e4b8fadb76e18f87a2b0c5f45cbedce7ceb44d0525

    • SHA512

      b4d24dc29db1886a82f15c143495fcbd51dd574be41f194baa43c96640c68c40aa3404bd0f8e00f51f774f7fca148c230af38e454a63381d7005eb3e38e81c59

    • SSDEEP

      1536:b555555555555pmgSeGDjtQhnwmmB0yJMqqU+2bbbAV2/S2mr3IdE8mne0Avu5ry:8MSjOnrmBxMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks