General
-
Target
2024-02-12_4b1ddb05ea514ca266e209bff9475c94_karagany_mafia
-
Size
308KB
-
Sample
240212-ypckysda69
-
MD5
4b1ddb05ea514ca266e209bff9475c94
-
SHA1
4353ecb2115b79ebc75f38eb25ac6e04e6775bec
-
SHA256
39a11a38f30c3a93783e5334b7addd054a03eeba47c5f0e5deb58fd8eaeb9a1c
-
SHA512
a769be3a054b500ec5627a995e7388388d41df454f4a3658bae625b0bbe84bfd34499e62860d700d3ecfd9cb1fa4caabb8ca2b43ca7a9d606c88219bfa5f1f37
-
SSDEEP
6144:YzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:+DHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-02-12_4b1ddb05ea514ca266e209bff9475c94_karagany_mafia.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2024-02-12_4b1ddb05ea514ca266e209bff9475c94_karagany_mafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-02-12_4b1ddb05ea514ca266e209bff9475c94_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-