Overview

overview

10

Static

static

10

2025-03-31...ys.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-31_dbf610e5f5d3581a5abf5609029ac676_gandcrab_rhadamanthys

  • Size

    73KB

  • Sample

    250331-sms72avnw2

  • MD5

    dbf610e5f5d3581a5abf5609029ac676

  • SHA1

    90a6464daf06e15c46b93d965d5106589fb4f65b

  • SHA256

    661e84e6434338ba37a2e6edb95482858b8131562cfc6da87ff9fe64f5751819

  • SHA512

    5694f479e4bab4ec595b742f00150bbaedd777e11ac5d7fdd97cef9c21f18b9d0c4c6d62a306a63fd49d3ef1a2b35f78e18ad0426645d84656e45fb2d5735cdf

  • SSDEEP

    1536:355u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:zMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10
gandcrabdiscoverypersistence

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      2025-03-31_dbf610e5f5d3581a5abf5609029ac676_gandcrab_rhadamanthys

    • Size

      73KB

    • MD5

      dbf610e5f5d3581a5abf5609029ac676

    • SHA1

      90a6464daf06e15c46b93d965d5106589fb4f65b

    • SHA256

      661e84e6434338ba37a2e6edb95482858b8131562cfc6da87ff9fe64f5751819

    • SHA512

      5694f479e4bab4ec595b742f00150bbaedd777e11ac5d7fdd97cef9c21f18b9d0c4c6d62a306a63fd49d3ef1a2b35f78e18ad0426645d84656e45fb2d5735cdf

    • SSDEEP

      1536:355u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:zMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks