Overview

overview

10

Static

static

10

2025-01-23...ab.exe

windows7-x64

6

2025-01-23...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-23_10e98441b16db9b4d5b0d709f714e5b4_gandcrab

  • Size

    73KB

  • Sample

    250123-z8xkxavqfr

  • MD5

    10e98441b16db9b4d5b0d709f714e5b4

  • SHA1

    1f164288bf619f4a7df1c23809fb822e6f200da5

  • SHA256

    bb733223b38d70d42f25bb0fddb94a427e9efbdee410e4c7d05b4f2ef01bb408

  • SHA512

    b0ba2328e3ead45860176ce319b03c7b0d60801d24696820b42b24bd30b25990c8ef63139b65b14bafac6c428a53bc505d7ac4e086117487d1ae05692a760604

  • SSDEEP

    1536:j555555555555pmgSeGDjtQhnwmmB0y6MqqU+2bbbAV2/S2mr3IdE8mne0Avu5ry:EMSjOnrmBSMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-23_10e98441b16db9b4d5b0d709f714e5b4_gandcrab

    • Size

      73KB

    • MD5

      10e98441b16db9b4d5b0d709f714e5b4

    • SHA1

      1f164288bf619f4a7df1c23809fb822e6f200da5

    • SHA256

      bb733223b38d70d42f25bb0fddb94a427e9efbdee410e4c7d05b4f2ef01bb408

    • SHA512

      b0ba2328e3ead45860176ce319b03c7b0d60801d24696820b42b24bd30b25990c8ef63139b65b14bafac6c428a53bc505d7ac4e086117487d1ae05692a760604

    • SSDEEP

      1536:j555555555555pmgSeGDjtQhnwmmB0y6MqqU+2bbbAV2/S2mr3IdE8mne0Avu5ry:EMSjOnrmBSMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks