General

  • Target

    c3b81bae9e598ddc6b8fd40e5f11af81_mafia_JC.exe

  • Size

    300KB

  • Sample

    230828-wgen8sdg27

  • MD5

    c3b81bae9e598ddc6b8fd40e5f11af81

  • SHA1

    dbf910afb087f524ee5a5aa1cd35814eecf912f2

  • SHA256

    9da802af52a7ee7563e62d16acc310e30388b69816006df3f84921e497dbf07f

  • SHA512

    87890c16ac84f9e8f7e5c827507e0a48f19d5014f93c6547751aca48dcc5e12248fd546ea1ad7b26135ebc83506d440380ada8914f27e983ba3a7a791934f50f

  • SSDEEP

    6144:8vEANMO1UnseVgkV0xwvfxnhLTiusLe1740B:buM0Unsna5mut40B

Targets

    • GandCrab payload

    • GandCrab

      GandCrab is a Trojan horse that encrypts files on a computer.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
