General
-
Target
2024-01-27_2d4f0e1bdcd62800e4e161540b16741f_mafia
-
Size
300KB
-
Sample
240127-nk52labbf7
-
MD5
2d4f0e1bdcd62800e4e161540b16741f
-
SHA1
baf6e4b5506f80ef178b0713b209b114c2ebc4fd
-
SHA256
f163b6ef7abb5db887d7b9497e71b911666d9e22b7b1736305888ad17cfd14c4
-
SHA512
affd6d0859172c2e533678005979b6e097b087e2ae0f124c1ee04e4ef47aa554c6b563f8ca2138bb2e591c71c16ca7c94c066fe1a1cfadcd6458a88a82bd37b2
-
SSDEEP
6144:4vEANMO1UnseVgkV0xwvfxnhLTiusLe1740B:XuM0Unsna5mut40B
Static task
static1
Behavioral task
behavioral1
Sample
2024-01-27_2d4f0e1bdcd62800e4e161540b16741f_mafia.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-01-27_2d4f0e1bdcd62800e4e161540b16741f_mafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-01-27_2d4f0e1bdcd62800e4e161540b16741f_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-