General

  • Target

    2025-05-18_1b8f744327c4017abf77e4aab46a1ea2_elex_gandcrab

  • Size

    70KB

  • Sample

    250518-lkdk8shr8z

  • MD5

    1b8f744327c4017abf77e4aab46a1ea2

  • SHA1

    41b7d1fd440cf33c82bf5522c1140db74ef7052f

  • SHA256

    7132450e1ea9b73aad58829585cb780f55cc2e90c844268b19b413445acc44a8

  • SHA512

    4b0df85e83e3faeb9c1202ad1b71d5f19172698b02ef176057695be6dccf31e8db8843c28efc060ec59d0d65f6afabbe718f5d59d7b6a452f0e109354fe45089

  • SSDEEP

    1536:OZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:td5BJHMqqDL2/Ovvdr

Malware Config

Targets

    • Target

      2025-05-18_1b8f744327c4017abf77e4aab46a1ea2_elex_gandcrab

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Gandcrab family

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks