General
Target: 2024-03-24_c8d13f1c8afbe4f64f2b1d6bfef00342_karagany_mafia
Size: 250KB
Sample: 240324-cby15saf7v
MD5: c8d13f1c8afbe4f64f2b1d6bfef00342
SHA1: 20f9b20da9ffc11eb18ddfb08d51e98500fcf4ad
SHA256: c32549f2b3140ab8637afefe3e5b8f2db5b1a47455f77e2a7b68a834a3f8c6bf
SHA512: f262d2640ea60890566dd4c4ef0a1be01ffd395de7f8006b3c4787ed28d0da6ebb17557c5e78b55902a4dcab52324ffbc820836f63eb6ba86c6668cd1f9de6e2
SSDEEP: 3072:U/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOd3:U/y20Gj0r+EBFrkvlU3RvIUDOIN
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-24_c8d13f1c8afbe4f64f2b1d6bfef00342_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-24_c8d13f1c8afbe4f64f2b1d6bfef00342_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.