General
-
Target
2024-03-24_eb1dd2372c30fd74f4049edb1f182398_karagany_mafia
-
Size
250KB
-
Sample
240324-mqqnesca62
-
MD5
eb1dd2372c30fd74f4049edb1f182398
-
SHA1
9a539558a45954f88ddf9127682e590d7813cf4c
-
SHA256
a2fdeab6519ecaa092667cde96fa92e6cf70ca2b0ee786376b6df59229a7986a
-
SHA512
2806121622054bcf3c9ee4c77195e44ab19f4831cac1a1826be9fcf1a89ebbada8a8a8f8907938f100c87a1c560757941c0d65ce05d3d7c0674ed70726df9a1e
-
SSDEEP
6144:G+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:yOCjaklYgVIpxIhDtR
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-24_eb1dd2372c30fd74f4049edb1f182398_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-24_eb1dd2372c30fd74f4049edb1f182398_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-24_eb1dd2372c30fd74f4049edb1f182398_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-