General
-
Target
2024-03-24_c40daabceaec8cba673298140adbf45b_karagany_mafia
-
Size
308KB
-
Sample
240324-evhjlshf33
-
MD5
c40daabceaec8cba673298140adbf45b
-
SHA1
6f02806aa01a1dc47710836e335053b2feec43c4
-
SHA256
8685de5cc3099e9644202fe907a18636897f171c2af9b2658d55b3fccce9f764
-
SHA512
c09ddb4b3afea0eac593dbe69c97f6349f867362eff0bdc9d1c81440439cf85a3c9a709a5c6c9b5499797f1e5df31188497f3d0e822727ac6b4f4d80206f40c0
-
SSDEEP
6144:WzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:UDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-24_c40daabceaec8cba673298140adbf45b_karagany_mafia.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-24_c40daabceaec8cba673298140adbf45b_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-24_c40daabceaec8cba673298140adbf45b_karagany_mafia
-
Size
308KB
-
MD5
c40daabceaec8cba673298140adbf45b
-
SHA1
6f02806aa01a1dc47710836e335053b2feec43c4
-
SHA256
8685de5cc3099e9644202fe907a18636897f171c2af9b2658d55b3fccce9f764
-
SHA512
c09ddb4b3afea0eac593dbe69c97f6349f867362eff0bdc9d1c81440439cf85a3c9a709a5c6c9b5499797f1e5df31188497f3d0e822727ac6b4f4d80206f40c0
-
SSDEEP
6144:WzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:UDHNam62ZdKmZmuPH
Score10/10-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-