gandcrab | 0436453050a7c7979bb8b3e007e60cd38c3c86d4205354bdefe659106193a41a | Triage

Sharing

General

Target

2025-04-11_175095b60ecd5318f55b10c164804a96_elex_gandcrab
Size

76KB
Sample

250411-fbfrcaztcz
MD5

175095b60ecd5318f55b10c164804a96
SHA1

46b87a0aa43372c089a2c351a7c5ad5f267134f7
SHA256

0436453050a7c7979bb8b3e007e60cd38c3c86d4205354bdefe659106193a41a
SHA512

a81137f3ab21d5e6ef7485586c8c979d20c2cbb822ce2f9662d16a1a2fa2cb88c3e9f025a85e34acf7776b7d53a23cb1c53f446e3805d01b850d593559bd00b8
SSDEEP

1536:4ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdT:2BounVyFHpfMqqDL2/LkvdT

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-04-11_175095b60ecd5318f55b10c164804a96_elex_gandcrab
- Size
  
  76KB
- MD5
  
  175095b60ecd5318f55b10c164804a96
- SHA1
  
  46b87a0aa43372c089a2c351a7c5ad5f267134f7
- SHA256
  
  0436453050a7c7979bb8b3e007e60cd38c3c86d4205354bdefe659106193a41a
- SHA512
  
  a81137f3ab21d5e6ef7485586c8c979d20c2cbb822ce2f9662d16a1a2fa2cb88c3e9f025a85e34acf7776b7d53a23cb1c53f446e3805d01b850d593559bd00b8
- SSDEEP
  
  1536:4ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdT:2BounVyFHpfMqqDL2/LkvdT
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence