General

  • Target

    2025-03-26_d48ec1cc533c64833eaa74d6dcfd6305_gandcrab

  • Size

    97KB

  • Sample

    250326-f1bhxsxygy

  • MD5

    d48ec1cc533c64833eaa74d6dcfd6305

  • SHA1

    b4ed1a1dd921bf21a7df4943dccc23c951548c90

  • SHA256

    744184e0f8facf603f6ff890ef62a7c4e4f010f00dcb5b1c7e15cf65b99325a6

  • SHA512

    4b83ac58861606343f1b5faf11c1c52a695124d68a61bffdd9317ccba9be3e2ed397a6873c79aeb7646e559ff2c6bca54317a4bd6942896f4513ae8a8ac06505

  • SSDEEP

    1536:XZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:fBounVyFHFMqqDL2/LgHkc2

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
