Overview

overview

10

Static

static

10

2025-01-05...ab.exe

windows7-x64

6

2025-01-05...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-05_00d4e168d2d0329e13b76866087189f3_gandcrab

  • Size

    346KB

  • Sample

    250105-lqm2vszphv

  • MD5

    00d4e168d2d0329e13b76866087189f3

  • SHA1

    968b964323e71986c564dc6815273eacea6167de

  • SHA256

    34ffc01094f9383d273157ae9000b638c746f081b8e33624e0bdefc5c17bd98b

  • SHA512

    8f755cffa7a40f86d876d11dc9358f9da11374ed39bd95245c134409594cc11d6680ff6136dca178fc91d5c533c2e450f5b830bbf042f036ff5babea07c2fefe

  • SSDEEP

    3072:4MSjOnrmBxMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdMEa83Rg0EkmlB1yihDNC+:4XjOnr6aqqDL64vdyQmIihDNCwQIPP

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-05_00d4e168d2d0329e13b76866087189f3_gandcrab

    • Size

      346KB

    • MD5

      00d4e168d2d0329e13b76866087189f3

    • SHA1

      968b964323e71986c564dc6815273eacea6167de

    • SHA256

      34ffc01094f9383d273157ae9000b638c746f081b8e33624e0bdefc5c17bd98b

    • SHA512

      8f755cffa7a40f86d876d11dc9358f9da11374ed39bd95245c134409594cc11d6680ff6136dca178fc91d5c533c2e450f5b830bbf042f036ff5babea07c2fefe

    • SSDEEP

      3072:4MSjOnrmBxMqqDL2/mr3IdE8we0Avu5r++ygLIaagvdMEa83Rg0EkmlB1yihDNC+:4XjOnr6aqqDL64vdyQmIihDNCwQIPP

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks