General
-
Target
2024-03-22_949be67a831989f517c9e79eb1e3ecfc_karagany_mafia
-
Size
316KB
-
Sample
240322-lrzr2sch7w
-
MD5
949be67a831989f517c9e79eb1e3ecfc
-
SHA1
d7316dc85f1c385bc2b821bc3684d08fc7d61714
-
SHA256
604103b96c216dad182cd03a4010fae314c28e5df85e9409e9fd26e0f22aa2aa
-
SHA512
cea6ad64db26456d399e10a5b22dccae1b4e46c4a507d8dd50ae5f629545b8f11b6d947b00f42595d78f37475f963a7578abfe20b72451e40effc3ce912fa1e9
-
SSDEEP
3072:Cb9c6Cbk07hdRhduItP/emDHBNTXn7BS4FI0rzBNZ237Qct7PX432gwbNTfSmov7:CIk0DwyemtpnFD/c7QUA32bNTFeHDr
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-22_949be67a831989f517c9e79eb1e3ecfc_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-22_949be67a831989f517c9e79eb1e3ecfc_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-22_949be67a831989f517c9e79eb1e3ecfc_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-