General
Target: 2024-04-22_3e51211c8d03500330f87b4237a445b0_mafia
Size: 316KB
Sample: 240422-v44ffadh85
MD5: 3e51211c8d03500330f87b4237a445b0
SHA1: 6d224c1d6f670b4dcc798dc3c498d4800ed39e34
SHA256: 8708f5c9056ccac32adc0cc5b82cba8b0ddd8d3b616aac37c3cceef79c4960fd
SHA512: 009252229029826fbf5c7ef1fd642b4972af8935ecbaad6a52f6fdfbf2fdd1a966de9ebe361bfd9c1bad78b88487ee05f6e9ea07a3a4db87cbb5a7b1926069ca
SSDEEP: 6144:JvF3NMO1UnseVgkV0xwvfxnhLTiusLe1740Y:DdM0Unsna5mut40Y
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-22_3e51211c8d03500330f87b4237a445b0_mafia.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-04-22_3e51211c8d03500330f87b4237a445b0_mafia.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Score 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.