gandcrab | e7b70316bcdd76df1f0db550671cf334e10cd0a5b3a68ffa800805e33a15417a | Triage

Sharing

General

Target

2025-01-17_6275f674db11c2e7422d4c9f3afb85da_gandcrab
Size

70KB
Sample

250117-t9dxaswqcw
MD5

6275f674db11c2e7422d4c9f3afb85da
SHA1

93e4bdb5e236b76188240b7966c0f81a187ddd17
SHA256

e7b70316bcdd76df1f0db550671cf334e10cd0a5b3a68ffa800805e33a15417a
SHA512

764d0ded6268de9d09eb1517f0c561537fa5b7364695e294a12229c66386ec9d3b4fc46a784065cf1a2c621f5643ad4c64ea6973861ab108886fad297c25a0f3
SSDEEP

1536:SZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Zd5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-01-17_6275f674db11c2e7422d4c9f3afb85da_gandcrab
- Size
  
  70KB
- MD5
  
  6275f674db11c2e7422d4c9f3afb85da
- SHA1
  
  93e4bdb5e236b76188240b7966c0f81a187ddd17
- SHA256
  
  e7b70316bcdd76df1f0db550671cf334e10cd0a5b3a68ffa800805e33a15417a
- SHA512
  
  764d0ded6268de9d09eb1517f0c561537fa5b7364695e294a12229c66386ec9d3b4fc46a784065cf1a2c621f5643ad4c64ea6973861ab108886fad297c25a0f3
- SSDEEP
  
  1536:SZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Zd5BJHMqqDL2/Ovvdr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence