Overview

overview

10

Static

static

10

2025-01-24...ab.exe

windows7-x64

6

2025-01-24...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-24_16eb392c4e619b3f415976c04f7f7f21_gandcrab

  • Size

    73KB

  • Sample

    250124-cvscpsvmew

  • MD5

    16eb392c4e619b3f415976c04f7f7f21

  • SHA1

    39cbfff930212e85e357f2953b9865131e8d8773

  • SHA256

    3173483740271cd855ebb4c266a4a85d5fda71847d8c19b1a94a2d77a38092c0

  • SHA512

    e18f76f6344c3befdaf16990f343ed1cc795d7b17098fa8653414fe5b94689b0eee5bdd3fb4fd454683050711a7052c45b1b9dd996dfe2f0cd05e1b08a720269

  • SSDEEP

    1536:m55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rB:MMSjOnrmBTMqqDL2/mr3IdE8we0Avu59

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-24_16eb392c4e619b3f415976c04f7f7f21_gandcrab

    • Size

      73KB

    • MD5

      16eb392c4e619b3f415976c04f7f7f21

    • SHA1

      39cbfff930212e85e357f2953b9865131e8d8773

    • SHA256

      3173483740271cd855ebb4c266a4a85d5fda71847d8c19b1a94a2d77a38092c0

    • SHA512

      e18f76f6344c3befdaf16990f343ed1cc795d7b17098fa8653414fe5b94689b0eee5bdd3fb4fd454683050711a7052c45b1b9dd996dfe2f0cd05e1b08a720269

    • SSDEEP

      1536:m55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rB:MMSjOnrmBTMqqDL2/mr3IdE8we0Avu59

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks