gandcrab | 3f306718d69eaa7af83c55d7ce993f9cf0c32a4cfe2105c719cc44d20233ca1f | Triage

Sharing

General

Target

2025-04-11_05a78a1030a2b0ee30b9312550da5695_elex_gandcrab
Size

76KB
Sample

250411-e9e22aztay
MD5

05a78a1030a2b0ee30b9312550da5695
SHA1

b5d7802ef2ff838af532ca76eb32db71baeff2ad
SHA256

3f306718d69eaa7af83c55d7ce993f9cf0c32a4cfe2105c719cc44d20233ca1f
SHA512

155c8ea257d8ed48f4248bc2dbc838d9f2370c4a016668b9520d88f155e137901eceee5f23d4c69ff4f6728b599e96be4fa7102eda2cb92817e2f18983ba2883
SSDEEP

1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdT:qBounVyFHpfMqqDL2/LkvdT

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-04-11_05a78a1030a2b0ee30b9312550da5695_elex_gandcrab
- Size
  
  76KB
- MD5
  
  05a78a1030a2b0ee30b9312550da5695
- SHA1
  
  b5d7802ef2ff838af532ca76eb32db71baeff2ad
- SHA256
  
  3f306718d69eaa7af83c55d7ce993f9cf0c32a4cfe2105c719cc44d20233ca1f
- SHA512
  
  155c8ea257d8ed48f4248bc2dbc838d9f2370c4a016668b9520d88f155e137901eceee5f23d4c69ff4f6728b599e96be4fa7102eda2cb92817e2f18983ba2883
- SSDEEP
  
  1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdT:qBounVyFHpfMqqDL2/LkvdT
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence