gandcrab | dd3a5ef2affe0124add1f2c2e45df94a7b6d5d38770500e91f9f169eab86ad38 | Triage

Sharing

General

Target

2025-01-23_19a2345482dc0e00962c6b415b077e41_gandcrab
Size

70KB
Sample

250123-g7f8esxrdr
MD5

19a2345482dc0e00962c6b415b077e41
SHA1

5ceb476bd1dc6b7b9016ad918cc440b59a4441e7
SHA256

dd3a5ef2affe0124add1f2c2e45df94a7b6d5d38770500e91f9f169eab86ad38
SHA512

4f451919dd1e7f8b2e1709e4cb9843952c2008d4a955d46f3233f7cefc07fcea595b8637320f8813dcd7608b77202ebb0218aee3e298f880ba4f85b542b0e37c
SSDEEP

1536:VZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Ed5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-01-23_19a2345482dc0e00962c6b415b077e41_gandcrab
- Size
  
  70KB
- MD5
  
  19a2345482dc0e00962c6b415b077e41
- SHA1
  
  5ceb476bd1dc6b7b9016ad918cc440b59a4441e7
- SHA256
  
  dd3a5ef2affe0124add1f2c2e45df94a7b6d5d38770500e91f9f169eab86ad38
- SHA512
  
  4f451919dd1e7f8b2e1709e4cb9843952c2008d4a955d46f3233f7cefc07fcea595b8637320f8813dcd7608b77202ebb0218aee3e298f880ba4f85b542b0e37c
- SSDEEP
  
  1536:VZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Ed5BJHMqqDL2/Ovvdr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence