General

  • Target

    2025-01-24_1c30a0ca228c5e32211e9185777e4cbf_gandcrab

  • Size

    97KB

  • Sample

    250124-lc998s1pbt

  • MD5

    1c30a0ca228c5e32211e9185777e4cbf

  • SHA1

    e04594e4a5104ea08f7ea00d8e7a721eba2689ac

  • SHA256

    12e7d17f9507c0ed7da6ae7a7dbf1a3484e1f63fc025e07d7c9f6f14346cb865

  • SHA512

    735f3fe2d7f1caa9e7ccd2f2e245a13d20bfd75968e2e81636acee88037f17a629f851e6bf5ddfd78c90181a5a8b258c17db253c775198ac60611a1804e51620

  • SSDEEP

    1536:dZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:BBounVyFHFMqqDL2/LgHkc2

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
