General
Target: 20240106b07dc2d08f1672f2dedfe0c025561b76karaganymafia.exe
Size: 308KB
Sample: 240107-yaglcscfek
MD5: b07dc2d08f1672f2dedfe0c025561b76
SHA1: 1e7f3a33add3aad8b6d8a0f9814de72e0e895f5d
SHA256: 4f195de4d7d96caa58a33f70593b0e6cdc4250df5c0c10b4e058bba05ce386aa
SHA512: 49f257188e2dab42788453c8263c5e5461290f6b66962157188285e3190274a83dd84fea6b0ad4202a125fcb7ce485b06646076beb4cd735573c93717ac17651
SSDEEP: 6144:pzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:3DHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 20240106b07dc2d08f1672f2dedfe0c025561b76karaganymafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 20240106b07dc2d08f1672f2dedfe0c025561b76karaganymafia.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 20240106b07dc2d08f1672f2dedfe0c025561b76karaganymafia.exe
Score: 10/10
- GandCrab payload
- Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.