General

  • Target

    2024010673b4e7a19ea1beaddd320045e25826b4karaganymafia.exe

  • Size

    265KB

  • Sample

    240107-x1qfhscccn

  • MD5

    73b4e7a19ea1beaddd320045e25826b4

  • SHA1

    62b858c5714584e9ef4cc0ba7911844e3170b0bc

  • SHA256

    3fba6050dcf7c3f2b6bb92d1cba07592940512a14001cab0e43997d315157466

  • SHA512

    34dcefeb573e1abeb4be4c526f30e99ec19ae87da10efeb092db7482302b22a01e56fd03de5cd3b4aa5b85f9c83d188f24a26d4d509899edaffd3d76064b8a0b

  • SSDEEP

    3072:Ov5tt9cXgoEJk/N77w1ixVJgLzhUkNp2fAhz1WLNoXE1e3GcCFK/ksMRRpwzvjDo:OvSgnk/NgSJqzhUU2fa1WKXIOTzjELEG

Malware Config

Targets

    • Target

      2024010673b4e7a19ea1beaddd320045e25826b4karaganymafia.exe

    • Size

      265KB

    • MD5

      73b4e7a19ea1beaddd320045e25826b4

    • SHA1

      62b858c5714584e9ef4cc0ba7911844e3170b0bc

    • SHA256

      3fba6050dcf7c3f2b6bb92d1cba07592940512a14001cab0e43997d315157466

    • SHA512

      34dcefeb573e1abeb4be4c526f30e99ec19ae87da10efeb092db7482302b22a01e56fd03de5cd3b4aa5b85f9c83d188f24a26d4d509899edaffd3d76064b8a0b

    • SSDEEP

      3072:Ov5tt9cXgoEJk/N77w1ixVJgLzhUkNp2fAhz1WLNoXE1e3GcCFK/ksMRRpwzvjDo:OvSgnk/NgSJqzhUU2fa1WKXIOTzjELEG

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks