General
-
Target
cc80413e536288c6cac12b6aba057196_mafia_JC.exe
-
Size
308KB
-
Sample
230829-sce8esgb71
-
MD5
cc80413e536288c6cac12b6aba057196
-
SHA1
18c03d78e33114a928a2f2592e7483c80a3324df
-
SHA256
de99538c4110f9fad7238b84711704955b25cb0d1ff9cbc35f6644026bca72da
-
SHA512
92ae9ddff0018ec56eaadf86664761b7a31c7c769e0613ba3de48b3e5198599cf18df9475b1cde5ca216520d0f750b636970e09d147cfaad0124bc01a8ed9089
-
SSDEEP
6144:mzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:kDHNam62ZdKmZmuPH
Malware Config
Targets
-
-
Target
cc80413e536288c6cac12b6aba057196_mafia_JC.exe
-
Size
308KB
-
MD5
cc80413e536288c6cac12b6aba057196
-
SHA1
18c03d78e33114a928a2f2592e7483c80a3324df
-
SHA256
de99538c4110f9fad7238b84711704955b25cb0d1ff9cbc35f6644026bca72da
-
SHA512
92ae9ddff0018ec56eaadf86664761b7a31c7c769e0613ba3de48b3e5198599cf18df9475b1cde5ca216520d0f750b636970e09d147cfaad0124bc01a8ed9089
-
SSDEEP
6144:mzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:kDHNam62ZdKmZmuPH
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-