Overview

overview

10

Static

static

10

2025-03-26...ys.exe

windows7-x64

6

2025-03-26...ys.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-26_55fca67579f8a19ed6e6cb1471751dfc_gandcrab_rhadamanthys

  • Size

    73KB

  • Sample

    250326-fbet2sxwes

  • MD5

    55fca67579f8a19ed6e6cb1471751dfc

  • SHA1

    29893d2704ce876783a41f508f86564bbf1c0758

  • SHA256

    b52910d4d8531a68eda2fa5aa467df5b5f4f34abd0ecbbb42b6308d2b192df55

  • SHA512

    4c1719955a8676b3bbd51404d992306b5835504c078f14cb375b5ab7ebce70b7e08ffdb2366c55b23df79cfe536b94d52156c752d5d4f54c29839fae6eb2b9be

  • SSDEEP

    1536:X55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:TMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-03-26_55fca67579f8a19ed6e6cb1471751dfc_gandcrab_rhadamanthys

    • Size

      73KB

    • MD5

      55fca67579f8a19ed6e6cb1471751dfc

    • SHA1

      29893d2704ce876783a41f508f86564bbf1c0758

    • SHA256

      b52910d4d8531a68eda2fa5aa467df5b5f4f34abd0ecbbb42b6308d2b192df55

    • SHA512

      4c1719955a8676b3bbd51404d992306b5835504c078f14cb375b5ab7ebce70b7e08ffdb2366c55b23df79cfe536b94d52156c752d5d4f54c29839fae6eb2b9be

    • SSDEEP

      1536:X55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:TMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks