General
-
Target
2024010659d77d37447ce127e2296ad80f42aa26karaganymafia.exe
-
Size
308KB
-
Sample
240107-yc1r1sdfe8
-
MD5
59d77d37447ce127e2296ad80f42aa26
-
SHA1
d95eb8d61bae1ea74ca5a912cfb6e3efce98171c
-
SHA256
60ee15bea471255118739cf1e2032d29ddc4530f062dd847a07620947ed8b509
-
SHA512
b4ee9f6f8fa91847fad2fb900a3f439f345da7a003a880e9c09693e756f4fe77e9c0fede156eec7496536da004718027ebb98fbc70922f500cdb5ab6ad55ce6b
-
SSDEEP
6144:XzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:tDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024010659d77d37447ce127e2296ad80f42aa26karaganymafia.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024010659d77d37447ce127e2296ad80f42aa26karaganymafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024010659d77d37447ce127e2296ad80f42aa26karaganymafia.exe
-
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-