General

  • Target

    513a01c8569b908387d65706669045c0_NEIKI

  • Size

    283KB

  • Sample

    240507-2dtxmseb37

  • MD5

    513a01c8569b908387d65706669045c0

  • SHA1

    0c9d244146cd57636d0917e7614dac36475224ab

  • SHA256

    fbd682978a0bbbc678671fe91f23bec2d219f3fbd53a1f02b647e7954b4bfe5c

  • SHA512

    ba2bd6b0e75536c2361718d9f35199ae2c83d405b4916b87cc56efb79d47855871e3bba2105b64b9fe95404c1da401ce053669a4f2c7157f12f11953b5ee77f1

  • SSDEEP

    6144:+6jtiQHr3ByVh4YDI/MlCm5mFW9tmLxLP9+Eiu9Uo9hNqnvT8vRiXdx97/uciL:+GTghljl+wKl1+/u9Uovsr8vRiXdx97C

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
