Overview

overview

10

Static

static

10

2025-01-23...ab.exe

windows7-x64

6

2025-01-23...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-23_0fadc7b346d17cc1a3099739f6a3b36e_gandcrab

  • Size

    73KB

  • Sample

    250123-aqe6gasray

  • MD5

    0fadc7b346d17cc1a3099739f6a3b36e

  • SHA1

    2edb592c44ac5c76540e24d54403df19682526f4

  • SHA256

    9768b213ac118d8cbc5e18f0c1f20f79b035ca67d1c780fbbe5dd5fdd6a15cc8

  • SHA512

    f9dcfe2905d8201a0dfdb75bbefdc623b141fbac86218aeaeba4a418b377ffb67390b3930342ebc1254f96c9036f03cfeda5c1947ca99d87cdfb420c60f95a24

  • SSDEEP

    1536:q55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:wMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-23_0fadc7b346d17cc1a3099739f6a3b36e_gandcrab

    • Size

      73KB

    • MD5

      0fadc7b346d17cc1a3099739f6a3b36e

    • SHA1

      2edb592c44ac5c76540e24d54403df19682526f4

    • SHA256

      9768b213ac118d8cbc5e18f0c1f20f79b035ca67d1c780fbbe5dd5fdd6a15cc8

    • SHA512

      f9dcfe2905d8201a0dfdb75bbefdc623b141fbac86218aeaeba4a418b377ffb67390b3930342ebc1254f96c9036f03cfeda5c1947ca99d87cdfb420c60f95a24

    • SSDEEP

      1536:q55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:wMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks