gandcrab | e07a0372103f2f0a48c63956331a09edc789b1fa35fe40c12560951ecc1c38b4 | Triage

Sharing

General

Target

2025-01-29_36777f5f347ae02932c398135513de52_gandcrab
Size

70KB
Sample

250129-kft7rasnav
MD5

36777f5f347ae02932c398135513de52
SHA1

467f15121c9094f5a41969016c71fd0ddd386b1a
SHA256

e07a0372103f2f0a48c63956331a09edc789b1fa35fe40c12560951ecc1c38b4
SHA512

30f813922504ecdac671f9f56b50836a7d59f2a35527a6f110b5de7402c89965cea787084ee93d90b1426d7af25554f56742ee5caaceee3462a1cfddbc1072e2
SSDEEP

1536:fZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZM:2d5BJHMqqDL2/Ovvdr+

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-01-29_36777f5f347ae02932c398135513de52_gandcrab
- Size
  
  70KB
- MD5
  
  36777f5f347ae02932c398135513de52
- SHA1
  
  467f15121c9094f5a41969016c71fd0ddd386b1a
- SHA256
  
  e07a0372103f2f0a48c63956331a09edc789b1fa35fe40c12560951ecc1c38b4
- SHA512
  
  30f813922504ecdac671f9f56b50836a7d59f2a35527a6f110b5de7402c89965cea787084ee93d90b1426d7af25554f56742ee5caaceee3462a1cfddbc1072e2
- SSDEEP
  
  1536:fZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZM:2d5BJHMqqDL2/Ovvdr+
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence