General
-
Target
2024-03-14_c8b0005fff62cd6b9749a8ec9e2d1147_karagany_mafia
-
Size
332KB
-
Sample
240314-q9n6gsfh82
-
MD5
c8b0005fff62cd6b9749a8ec9e2d1147
-
SHA1
eb5c529c13fa47c44e67d8dcd6ba951d290dbbfa
-
SHA256
5eebe1a528296ab2aa8b79e275ed6f2712566fcd0d2e4c6a2865026ad02c38ee
-
SHA512
b5426245938b75ade5ea19384cfe790bacb56f035ac30a0ccd5eb435d212d6d75df4c70c6445c53590ef18e1bec93f346c819247bb5a18bbf93d192f70f69ee9
-
SSDEEP
6144:Ndry+Li0x1ilayXFqVBnWGJAPmrBgRk74:NdtLi0bV5WIAPM+ac
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-14_c8b0005fff62cd6b9749a8ec9e2d1147_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-14_c8b0005fff62cd6b9749a8ec9e2d1147_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-14_c8b0005fff62cd6b9749a8ec9e2d1147_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-