Overview

overview

10

Static

static

10

2025-01-29...ab.exe

windows7-x64

6

2025-01-29...ab.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-29_36c387c8415fa59fdb76de0f2343776e_gandcrab

  • Size

    73KB

  • Sample

    250129-g6fv9swmfm

  • MD5

    36c387c8415fa59fdb76de0f2343776e

  • SHA1

    6ca91ac12857a5e3f896a88f0a60f444f1d6895e

  • SHA256

    8b441038b779466a02fc068b8980634bdca83defc86fb8d1bc421b2d98b1712f

  • SHA512

    0f8eaa2ae8987be832eeba88c8d3db02592ef9abc02aa9019f7561e39bfa5c352ea2155ea014ee62002323423d3d48f1061c69bac20897b27876bd9a7ca22d8a

  • SSDEEP

    1536:O55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:EMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-01-29_36c387c8415fa59fdb76de0f2343776e_gandcrab

    • Size

      73KB

    • MD5

      36c387c8415fa59fdb76de0f2343776e

    • SHA1

      6ca91ac12857a5e3f896a88f0a60f444f1d6895e

    • SHA256

      8b441038b779466a02fc068b8980634bdca83defc86fb8d1bc421b2d98b1712f

    • SHA512

      0f8eaa2ae8987be832eeba88c8d3db02592ef9abc02aa9019f7561e39bfa5c352ea2155ea014ee62002323423d3d48f1061c69bac20897b27876bd9a7ca22d8a

    • SSDEEP

      1536:O55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:EMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks