General
-
Target
2025-01-07_2ae445b7cec023ff97499f16e7ba8f69_gandcrab
-
Size
573KB
-
Sample
250107-ldtzmswrbm
-
MD5
2ae445b7cec023ff97499f16e7ba8f69
-
SHA1
8012690118e6f345fe94fe4d8ddbdb600117c640
-
SHA256
c730280f6071f0911b44056a450650fe8f61d06eb9588c7ff7e5f392bfeab9f4
-
SHA512
817aaf02ba4ff6b7297e2872a7ddf5e6b482fa16a24b8f693db2dfdf726c2558797429c195d08a4ed37cb358468790b7979660ac71116dd164c65d0db6971b0d
-
SSDEEP
12288:nTOneqn6cDKWqQqkd1BtOkodxduog/TXJa/x82IErOJs:T1+6cDKWNGuog/TXJmxO
Behavioral task
behavioral1
Sample
2025-01-07_2ae445b7cec023ff97499f16e7ba8f69_gandcrab.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2025-01-07_2ae445b7cec023ff97499f16e7ba8f69_gandcrab.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
-
Target
2025-01-07_2ae445b7cec023ff97499f16e7ba8f69_gandcrab
-
Size
573KB
-
MD5
2ae445b7cec023ff97499f16e7ba8f69
-
SHA1
8012690118e6f345fe94fe4d8ddbdb600117c640
-
SHA256
c730280f6071f0911b44056a450650fe8f61d06eb9588c7ff7e5f392bfeab9f4
-
SHA512
817aaf02ba4ff6b7297e2872a7ddf5e6b482fa16a24b8f693db2dfdf726c2558797429c195d08a4ed37cb358468790b7979660ac71116dd164c65d0db6971b0d
-
SSDEEP
12288:nTOneqn6cDKWqQqkd1BtOkodxduog/TXJa/x82IErOJs:T1+6cDKWNGuog/TXJmxO
Score6/10-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-