General

  • Target

    2024-03-24_ca732f5d81b73907fd6633d1c0afdc0b_karagany_mafia

  • Size

    308KB

  • Sample

    240324-jqhe9sba68

  • MD5

    ca732f5d81b73907fd6633d1c0afdc0b

  • SHA1

    7f4c3b5c3d9857aa1641af0ac57f6b706f01fde6

  • SHA256

    a74a10a39a28cb69ed61e8c5ca440890dddaaf57a3fc4f18faad5d3f561ba19b

  • SHA512

    106f35b6a58c7c30905be8aedba050088e19ad09b1cb6aaf9b5d4774fb37107b51fd16ab554e385f154c254f617eccb2497dd915066b46b2680a7b43e61c8815

  • SSDEEP

    6144:YEL7ShWDhbzVNam6GxI29dqG3KdYAYqTuPZu:ZDrNam62ZdKmZmuPY

Targets

    • Target

      2024-03-24_ca732f5d81b73907fd6633d1c0afdc0b_karagany_mafia

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
