Overview

overview

10

Static

static

10

2025-01-11...ab.exe

windows7-x64

6

2025-01-11...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-11_1a25d2a3691cbc0294786bab51641e04_gandcrab

  • Size

    73KB

  • Sample

    250111-y4y3hazrbr

  • MD5

    1a25d2a3691cbc0294786bab51641e04

  • SHA1

    02d621efa6c299f20a4a622e431c711eed44361c

  • SHA256

    dcd6743eaea128249c0261d68677b8cd988d4422d8a454dea7c509fdda9a2e67

  • SHA512

    0b21aca06da8160214bdd6f82072b6f60924d4efb27dcf32a64bf23aee933119a019c85033a8e0ba5291972d5834f19e1ab0aff41ce45eba1f7905c933809494

  • SSDEEP

    1536:O55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:EMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-11_1a25d2a3691cbc0294786bab51641e04_gandcrab

    • Size

      73KB

    • MD5

      1a25d2a3691cbc0294786bab51641e04

    • SHA1

      02d621efa6c299f20a4a622e431c711eed44361c

    • SHA256

      dcd6743eaea128249c0261d68677b8cd988d4422d8a454dea7c509fdda9a2e67

    • SHA512

      0b21aca06da8160214bdd6f82072b6f60924d4efb27dcf32a64bf23aee933119a019c85033a8e0ba5291972d5834f19e1ab0aff41ce45eba1f7905c933809494

    • SSDEEP

      1536:O55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:EMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks