gandcrab | fe61dde83abe767eacaa4c659483db6b48b28a7beb5d2a6320a9ce6610790101 | Triage

Sharing

General

Target

2025-04-10_9568b5a5fac8183ac97ff01a4913235c_elex_gandcrab
Size

76KB
Sample

250410-e8aqxs1xdy
MD5

9568b5a5fac8183ac97ff01a4913235c
SHA1

7ed957143fda86625ba28dc2d39ff841cb0bf205
SHA256

fe61dde83abe767eacaa4c659483db6b48b28a7beb5d2a6320a9ce6610790101
SHA512

c3333a81ec1bcfed9fe7ae27699d934300767e030b2528dc4c315fad6edf49d2b65fdc144c9c28579beb18e4891e89c23656c6491ee01882a282d4023a929da4
SSDEEP

1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvdc:qBounVyFHpfMqqDL2/Lkvdc

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-04-10_9568b5a5fac8183ac97ff01a4913235c_elex_gandcrab
- Size
  
  76KB
- MD5
  
  9568b5a5fac8183ac97ff01a4913235c
- SHA1
  
  7ed957143fda86625ba28dc2d39ff841cb0bf205
- SHA256
  
  fe61dde83abe767eacaa4c659483db6b48b28a7beb5d2a6320a9ce6610790101
- SHA512
  
  c3333a81ec1bcfed9fe7ae27699d934300767e030b2528dc4c315fad6edf49d2b65fdc144c9c28579beb18e4891e89c23656c6491ee01882a282d4023a929da4
- SSDEEP
  
  1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvdc:qBounVyFHpfMqqDL2/Lkvdc
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence