General

  • Target

    20240106a5ea93967d84ed20fa52746a9b5857cdkaraganymafia.exe

  • Size

    265KB

  • Sample

    240107-yct98scgdl

  • MD5

    a5ea93967d84ed20fa52746a9b5857cd

  • SHA1

    be3670cd62418bfad5e5e476ee65ce3f313f625f

  • SHA256

    f10229955bd57b5c191ca982af89d8367d61f89ef2be2e2d79a0cfb8a5a27f6a

  • SHA512

    934fbcc913c465dd186df54ec000e85494e049606286d39442a70ab194bed0524be03d877a24d22e93ba2ec23e0d201b99e194e390c620a8d7813137cca40efb

  • SSDEEP

    3072:Tv5tt9cXgoEJk/N77w1ixVJgLzhUkNp2fAhz1WLNoXE1e3GcCFK/ksMRRpwzvjDo:TvSgnk/NgSJqzhUU2fa1WKXIOTzjELEG

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
