General

  • Target

    2024-03-23_ed4c69e9ad6bafa17098c9286898930a_karagany_mafia

  • Size

    255KB

  • Sample

    240323-3w9lgsha3v

  • MD5

    ed4c69e9ad6bafa17098c9286898930a

  • SHA1

    7d51ba6c4ae5140970095e106bc02ef5310ccd69

  • SHA256

    44263c7dfca4a562f6e3d1cd99b98713f5fc8e9cb85b6e104c605e75fc17f618

  • SHA512

    a0d1ef4387715b4282f9c67f0ba4dff42ac30c5da79de684fe9bfb7e4ca29c5445f85659a0b55a49fbdcc2dd1898250d628914802ad220150fc12e7b78167ee7

  • SSDEEP

    3072:I5/3l1gl9NGX0Ntl0BNsPmmWpOTgfgDOOK+74ArCjZ/NHkciAHaLiq2:I5vEnGkNtOWmTYD/gEY/EcHKi1

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
