General
Target: 2024-02-12_e69e0b3c27dc930c08322d2ce5e573bc_karagany_mafia
Size: 308KB
Sample: 240212-y71eqsdc94
MD5: e69e0b3c27dc930c08322d2ce5e573bc
SHA1: e05a15e1589df1cd1ba4553bf535a44cf2c4c30f
SHA256: 1fae499ee20f0377fd35e957049710d57d15e4b64927284f902f6714430d3b2e
SHA512: 37eac4b3838dbd2db8ccb88622c703bd83f4c0b66085e64b8fb97223e268dacd231a0ef323ac6cdd9b86ccc086bfb25ea76f98edaed18a26568a577e4619e661
SSDEEP: 6144:WzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:UDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-02-12_e69e0b3c27dc930c08322d2ce5e573bc_karagany_mafia.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2024-02-12_e69e0b3c27dc930c08322d2ce5e573bc_karagany_mafia.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-02-12_e69e0b3c27dc930c08322d2ce5e573bc_karagany_mafia
Score: 10/10
- GandCrab payload
- Detects Reflective DLL injection artifacts
- Detects ransomware indicator
- Gandcrab Payload
- Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.