gandcrab | 0a8346ec0bbfee5b56d71dc3527574211412f9df5d5735dd608a8dec47889da8 | Triage

Sharing

General

Target

2025-04-11_a16dafd988050bb4bf8658d5bf656c8d_elex_gandcrab
Size

76KB
Sample

250411-gbrz2s1lw5
MD5

a16dafd988050bb4bf8658d5bf656c8d
SHA1

c791d67b50117512382c3b726d486dc1d60c5de8
SHA256

0a8346ec0bbfee5b56d71dc3527574211412f9df5d5735dd608a8dec47889da8
SHA512

df3fa39dc7201f5181a9c3a2c69f5d78778586e2af99f6e38050803b2d2819ae7f755b150f6657a93f97866c8780ed74287b66f3999c13d5f77f811114d0fbf7
SSDEEP

1536:JZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdS:1BounVyFHpfMqqDL2/LkvdS

Score

10^/10

gandcrab discovery persistence

Malware Config

Targets

- Target
  
  2025-04-11_a16dafd988050bb4bf8658d5bf656c8d_elex_gandcrab
- Size
  
  76KB
- MD5
  
  a16dafd988050bb4bf8658d5bf656c8d
- SHA1
  
  c791d67b50117512382c3b726d486dc1d60c5de8
- SHA256
  
  0a8346ec0bbfee5b56d71dc3527574211412f9df5d5735dd608a8dec47889da8
- SHA512
  
  df3fa39dc7201f5181a9c3a2c69f5d78778586e2af99f6e38050803b2d2819ae7f755b150f6657a93f97866c8780ed74287b66f3999c13d5f77f811114d0fbf7
- SSDEEP
  
  1536:JZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2LkvdS:1BounVyFHpfMqqDL2/LkvdS
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence