General
-
Target
2024-01-01_ea2413067392a11faf766d2300f61a3c_karagany_mafia
-
Size
308KB
-
Sample
240105-gkzq9aehd7
-
MD5
ea2413067392a11faf766d2300f61a3c
-
SHA1
4c91bfc9c430f4eba5ff6ca2611ef18484964da3
-
SHA256
ce6538909cef20721a0d6b0e0c7da5979130aee25641292e545658ca4554b59a
-
SHA512
58cd99e15b396da422dca64020d4a26b3dc323c3246d873b617484958be62fc07e1b00701802836744c0c00c20e9fd1fe4af99da3aef113c847c371084984a63
-
SSDEEP
6144:ezL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:cDHNam62ZdKmZmuPH
Malware Config
Targets
-
-
Target
2024-01-01_ea2413067392a11faf766d2300f61a3c_karagany_mafia
-
Size
308KB
-
MD5
ea2413067392a11faf766d2300f61a3c
-
SHA1
4c91bfc9c430f4eba5ff6ca2611ef18484964da3
-
SHA256
ce6538909cef20721a0d6b0e0c7da5979130aee25641292e545658ca4554b59a
-
SHA512
58cd99e15b396da422dca64020d4a26b3dc323c3246d873b617484958be62fc07e1b00701802836744c0c00c20e9fd1fe4af99da3aef113c847c371084984a63
-
SSDEEP
6144:ezL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:cDHNam62ZdKmZmuPH
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-