gandcrab | e7141aa12c5aa728962bf2aaeb37ff59e091335406898f813d593c0b3b30f73c | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-01-13...er.exe

windows7-x64

2025-01-13...er.exe

windows10-2004-x64

Sharing

General

Target

2025-01-13_274e390c4fb90d52b6eb0dab09ed3f44_magniber
Size

277KB
Sample

250113-yhag1sxqck
MD5

274e390c4fb90d52b6eb0dab09ed3f44
SHA1

34e92c0d42740a4dc8cff7c15037363751e637c4
SHA256

e7141aa12c5aa728962bf2aaeb37ff59e091335406898f813d593c0b3b30f73c
SHA512

036e24b0f00ffd3dad1b57fc12d42b59d860d9b63358c0b45c0d7c45fa2b9fccbc129e2768bfab50848f6954823ec2425629abc6028c28ae12f5bec7656282d8
SSDEEP

6144:33nHPDm0jLAu6Y5jEw564aoJxmhuw1AFkHK/:Hvbjf6YNFehQwo

Score

10^/10

gandcrab backdoor discovery persistence ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-01-13_274e390c4fb90d52b6eb0dab09ed3f44_magniber.exe

Resource

win7-20240903-en

gandcrab backdoor discovery persistence ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-01-13_274e390c4fb90d52b6eb0dab09ed3f44_magniber.exe

Resource

win10v2004-20241007-en

gandcrab backdoor discovery ransomware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-01-13_274e390c4fb90d52b6eb0dab09ed3f44_magniber
- Size
  
  277KB
- MD5
  
  274e390c4fb90d52b6eb0dab09ed3f44
- SHA1
  
  34e92c0d42740a4dc8cff7c15037363751e637c4
- SHA256
  
  e7141aa12c5aa728962bf2aaeb37ff59e091335406898f813d593c0b3b30f73c
- SHA512
  
  036e24b0f00ffd3dad1b57fc12d42b59d860d9b63358c0b45c0d7c45fa2b9fccbc129e2768bfab50848f6954823ec2425629abc6028c28ae12f5bec7656282d8
- SSDEEP
  
  6144:33nHPDm0jLAu6Y5jEw564aoJxmhuw1AFkHK/:Hvbjf6YNFehQwo
Score

10^/10

gandcrab backdoor discovery persistence ransomware
- GandCrab payload
- Gandcrab
  Gandcrab is a Trojan horse that encrypts files on a computer.
  ransomware backdoor gandcrab
- Gandcrab family
  gandcrab
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gandcrabbackdoordiscoverypersistenceransomware

behavioral2

gandcrabbackdoordiscoveryransomware

© 2018-2025

Terms | Privacy