gandcrab | 901715f9bdac6d045a3fd11a64b1e09360424563c7980b3dc4003bf65b724f54 | Triage

Sharing

General

Target

2025-01-23_0a812dafdd52f17941e63c3b5d3aab57_gandcrab
Size

70KB
Sample

250123-x4mh2a1rdj
MD5

0a812dafdd52f17941e63c3b5d3aab57
SHA1

d44a8019d7ec2fda6e14f8db086c5cb8ebbf8e55
SHA256

901715f9bdac6d045a3fd11a64b1e09360424563c7980b3dc4003bf65b724f54
SHA512

9c80522c5f129e957e87622c185b8b56b933291a52f22370506d9551f2dffe67e315f110189114d53cfb7ccd015bf753ce73dd6722af9b51f96b006bd04e9d64
SSDEEP

1536:TZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Cd5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-01-23_0a812dafdd52f17941e63c3b5d3aab57_gandcrab
- Size
  
  70KB
- MD5
  
  0a812dafdd52f17941e63c3b5d3aab57
- SHA1
  
  d44a8019d7ec2fda6e14f8db086c5cb8ebbf8e55
- SHA256
  
  901715f9bdac6d045a3fd11a64b1e09360424563c7980b3dc4003bf65b724f54
- SHA512
  
  9c80522c5f129e957e87622c185b8b56b933291a52f22370506d9551f2dffe67e315f110189114d53cfb7ccd015bf753ce73dd6722af9b51f96b006bd04e9d64
- SSDEEP
  
  1536:TZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:Cd5BJHMqqDL2/Ovvdr
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence