gandcrab | 311cfe88a70021660db6887aa1ffee8914eed7bbfa6e0e5a53100b5231bc1e30 | Triage

Sharing

General

Target

2025-04-10_1507b48a63257eacc2079a43292fb159_elex_gandcrab
Size

76KB
Sample

250410-e196ta1waz
MD5

1507b48a63257eacc2079a43292fb159
SHA1

7dee25189bdc1d3b9af3b03734e55099ad5667c3
SHA256

311cfe88a70021660db6887aa1ffee8914eed7bbfa6e0e5a53100b5231bc1e30
SHA512

7ea7167d463542a20dbb83d66d50ee8026af8f14020e111bbf7cc02e40c574bb1d4e97d13112eb9ea50fa00c023dc10def300b2dd3bccf90314765420a8ee432
SSDEEP

1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdJ:qBounVyFHpfMqqDL2/LkvdJ

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-04-10_1507b48a63257eacc2079a43292fb159_elex_gandcrab
- Size
  
  76KB
- MD5
  
  1507b48a63257eacc2079a43292fb159
- SHA1
  
  7dee25189bdc1d3b9af3b03734e55099ad5667c3
- SHA256
  
  311cfe88a70021660db6887aa1ffee8914eed7bbfa6e0e5a53100b5231bc1e30
- SHA512
  
  7ea7167d463542a20dbb83d66d50ee8026af8f14020e111bbf7cc02e40c574bb1d4e97d13112eb9ea50fa00c023dc10def300b2dd3bccf90314765420a8ee432
- SSDEEP
  
  1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdJ:qBounVyFHpfMqqDL2/LkvdJ
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence