Overview

overview

10

Static

static

3

2024-04-18...ia.exe

windows7-x64

3

2024-04-18...ia.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-18_1831f745eb872170605c299b1156ed1b_karagany_mafia

  • Size

    308KB

  • Sample

    240418-ywmdqseg9w

  • MD5

    1831f745eb872170605c299b1156ed1b

  • SHA1

    d30bbd22b6e0cf788703ba88ea8fc791beb4a4d0

  • SHA256

    df5aa67a3bfed855752918402f3bbfdde16e16deae31b7d38694793154637222

  • SHA512

    248efba869d728f9e6e28d9ff009118863aad99f3ddd5123a473b5a1178956f7303a2cb84cddc11acb83e12e75db89a0ad6ab628c51f6ad8c5c7a87d2bda5fe5

  • SSDEEP

    6144:6zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:ADHNam62ZdKmZmuPH

Score
10/10
gandcrabbackdoorransomware

Malware Config

Targets

    • Target

      2024-04-18_1831f745eb872170605c299b1156ed1b_karagany_mafia

    • Size

      308KB

    • MD5

      1831f745eb872170605c299b1156ed1b

    • SHA1

      d30bbd22b6e0cf788703ba88ea8fc791beb4a4d0

    • SHA256

      df5aa67a3bfed855752918402f3bbfdde16e16deae31b7d38694793154637222

    • SHA512

      248efba869d728f9e6e28d9ff009118863aad99f3ddd5123a473b5a1178956f7303a2cb84cddc11acb83e12e75db89a0ad6ab628c51f6ad8c5c7a87d2bda5fe5

    • SSDEEP

      6144:6zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:ADHNam62ZdKmZmuPH

    Score
    10/10
    gandcrabbackdoorransomware

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

      ransomwarebackdoorgandcrab

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks