General

  • Target

    20240106ce887727389adf490fbe5e36f35a857akaraganymafia.exe

  • Size

    327KB

  • Sample

    240107-x3szescdcj

  • MD5

    ce887727389adf490fbe5e36f35a857a

  • SHA1

    230ba0333d54fffbaa60946a87e0d5fb1ffe8d18

  • SHA256

    870c664ad676a3964dd527a31554a59623226ffa9eacfac277ac95b5b2f24b7f

  • SHA512

    b948ad2ccf8f3ea93ef53c8a0372281b5a5b464af7ba802b670ba38aff74695f7d9a6c05b39dc62304efd1e275f1bddff1abff7091b84101a1c572646a48a937

  • SSDEEP

    6144:p7VHzhC5EEKuBkFwbUDGTgtLA8n8tmiu7mxSeOnDvxDwOSa:fThCTKuBtgD3BA0hLeONDFSa

Malware Config

Targets

    • Target

      20240106ce887727389adf490fbe5e36f35a857akaraganymafia.exe

    • Size

      327KB

    • MD5

      ce887727389adf490fbe5e36f35a857a

    • SHA1

      230ba0333d54fffbaa60946a87e0d5fb1ffe8d18

    • SHA256

      870c664ad676a3964dd527a31554a59623226ffa9eacfac277ac95b5b2f24b7f

    • SHA512

      b948ad2ccf8f3ea93ef53c8a0372281b5a5b464af7ba802b670ba38aff74695f7d9a6c05b39dc62304efd1e275f1bddff1abff7091b84101a1c572646a48a937

    • SSDEEP

      6144:p7VHzhC5EEKuBkFwbUDGTgtLA8n8tmiu7mxSeOnDvxDwOSa:fThCTKuBtgD3BA0hLeONDFSa

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks