General
-
Target
2024-04-22_9c10d16398a3c2318d58c9cac74dc6bd_mafia
-
Size
316KB
-
Sample
240422-3erpcahf62
-
MD5
9c10d16398a3c2318d58c9cac74dc6bd
-
SHA1
90a72e0a2db2ff1908c18ab34e5030338dfde175
-
SHA256
e5433523f041af63e902d9f26ba29f727fb155501c9c4154b784418903ef17a0
-
SHA512
b64d4a1430d84062d602c1105faeac57846f87f4bad81b99e5162f89e7d031daeef9b3b688a318ea3636ffa0cb336db6156460776df64f1e9ccd33b181ec8a5a
-
SSDEEP
6144:JvJANMO1UnseVgkV0xwvfxnhLTiusLe1740A:buM0Unsna5mut40A
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-22_9c10d16398a3c2318d58c9cac74dc6bd_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-22_9c10d16398a3c2318d58c9cac74dc6bd_mafia.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-22_9c10d16398a3c2318d58c9cac74dc6bd_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-