General
-
Target
202401069b51d58437423eb39f382c5190daa282karaganymafia.exe
-
Size
257KB
-
Sample
240107-x95a2adef4
-
MD5
9b51d58437423eb39f382c5190daa282
-
SHA1
d308b00ba546b2ef0a18c280312678ebb411b4de
-
SHA256
106c9740c49cbdddf6d14794c5b95adde09720adc34c31de6d5d09ac1db0c931
-
SHA512
06838fbdd5857a71064245a5949fb37d1aab855462c29858e8d2fa2b6d086197affe6950c43f707a20495306964a4c7ec98131c11018b23fa221a1897524fc6a
-
SSDEEP
6144:FJvXbVklS/zDiWsg4Ig1ubxq6ckd+QWm5iGgw3Y9:/VklS/qHg4EbVckYBJGT3Y9
Static task
static1
Behavioral task
behavioral1
Sample
202401069b51d58437423eb39f382c5190daa282karaganymafia.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
202401069b51d58437423eb39f382c5190daa282karaganymafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
202401069b51d58437423eb39f382c5190daa282karaganymafia.exe
-
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-