General
Target: 2024-03-24_baec4efdd78adfa12238f186e93924ba_karagany_mafia
Size: 308KB
Sample: 240324-jnvyksba52
MD5: baec4efdd78adfa12238f186e93924ba
SHA1: d58fd5aba330bc81297cd68e10c6323b8fb685e4
SHA256: d127717ee5b0899b12703c0a444b06a456361e4d761eca3bf5a59b1ac6e6e1f0
SHA512: 38c8b897c87e5ed894baf0cb6a7c1a35dcc07e8769d286cd5ae99531d0aac7473c804d1f2ff034b7874fb316ff6042ae7d9e9540878da86c7e54ff7efc33d754
SSDEEP: 6144:vzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:FDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-24_baec4efdd78adfa12238f186e93924ba_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-24_baec4efdd78adfa12238f186e93924ba_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.