Overview

overview

10

Static

static

10

2025-01-18...ab.exe

windows7-x64

6

2025-01-18...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-18_7b2bfb21cd1b02c08bd6d6a878c78970_gandcrab

  • Size

    73KB

  • Sample

    250118-fhb2qstkhw

  • MD5

    7b2bfb21cd1b02c08bd6d6a878c78970

  • SHA1

    ba91ceb50f403fdfdd7734af055892c657c7e0eb

  • SHA256

    9126c92cb39d30d5a5a3e84bfaed8af86afdf136107036a7bbca74371eaf146d

  • SHA512

    71ff819d48929ac840162f353d73f4436458fa398184dd2213e06a52da1bed0281f78778c0829330d92dbe4add8ca5c12440758da7ea9831dcb812ba58cc56a2

  • SSDEEP

    1536:e55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:0MSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-18_7b2bfb21cd1b02c08bd6d6a878c78970_gandcrab

    • Size

      73KB

    • MD5

      7b2bfb21cd1b02c08bd6d6a878c78970

    • SHA1

      ba91ceb50f403fdfdd7734af055892c657c7e0eb

    • SHA256

      9126c92cb39d30d5a5a3e84bfaed8af86afdf136107036a7bbca74371eaf146d

    • SHA512

      71ff819d48929ac840162f353d73f4436458fa398184dd2213e06a52da1bed0281f78778c0829330d92dbe4add8ca5c12440758da7ea9831dcb812ba58cc56a2

    • SSDEEP

      1536:e55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:0MSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks