Overview

overview

10

Static

static

10

2025-01-02...ab.exe

windows7-x64

6

2025-01-02...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-02_80cdbfc84468635fd25f801e361d1643_gandcrab

  • Size

    75KB

  • Sample

    250102-bmsstsxlhm

  • MD5

    80cdbfc84468635fd25f801e361d1643

  • SHA1

    01d58899a44a82284bf7af0874d714bff3f09491

  • SHA256

    304edb6a546e45697dff112cafecfd9a6c9c5e359b9a08f75aaf8dee87250495

  • SHA512

    ae5d71846018bbfc19cb3f307b7b569f71f05ba99b9dc8ae2025f7fe59e18458959d3d3ec10b956ab3b819b15b5af4ebd724aa783ff856f1e87104af25c9411e

  • SSDEEP

    1536:ugSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdvYAY:uMSjOnrmBbMqqMmr3IdE8we0Avu5r++a

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-02_80cdbfc84468635fd25f801e361d1643_gandcrab

    • Size

      75KB

    • MD5

      80cdbfc84468635fd25f801e361d1643

    • SHA1

      01d58899a44a82284bf7af0874d714bff3f09491

    • SHA256

      304edb6a546e45697dff112cafecfd9a6c9c5e359b9a08f75aaf8dee87250495

    • SHA512

      ae5d71846018bbfc19cb3f307b7b569f71f05ba99b9dc8ae2025f7fe59e18458959d3d3ec10b956ab3b819b15b5af4ebd724aa783ff856f1e87104af25c9411e

    • SSDEEP

      1536:ugSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdvYAY:uMSjOnrmBbMqqMmr3IdE8we0Avu5r++a

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks