General

  • Target

    2025-01-07_2ae445b7cec023ff97499f16e7ba8f69_gandcrab

  • Size

    573KB

  • Sample

    250107-ldtzmswrbm

  • MD5

    2ae445b7cec023ff97499f16e7ba8f69

  • SHA1

    8012690118e6f345fe94fe4d8ddbdb600117c640

  • SHA256

    c730280f6071f0911b44056a450650fe8f61d06eb9588c7ff7e5f392bfeab9f4

  • SHA512

    817aaf02ba4ff6b7297e2872a7ddf5e6b482fa16a24b8f693db2dfdf726c2558797429c195d08a4ed37cb358468790b7979660ac71116dd164c65d0db6971b0d

  • SSDEEP

    12288:nTOneqn6cDKWqQqkd1BtOkodxduog/TXJa/x82IErOJs:T1+6cDKWNGuog/TXJmxO

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-07_2ae445b7cec023ff97499f16e7ba8f69_gandcrab

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
