General
-
Target
2024-03-24_72c91899bfa673a7594be72cae51bce7_karagany_mafia
-
Size
222KB
-
Sample
240324-npjn6acc92
-
MD5
72c91899bfa673a7594be72cae51bce7
-
SHA1
cb92c024f57b9db408a66eccc8d1afc7df60d93c
-
SHA256
f52a6df331f3ce528f9f5608d3698227831cf7c713f5ea41770a4a90ee223409
-
SHA512
49621d3f742d8755a83be180f90599ff1843e39e1af7064259bac0018643bbf0429d6477e2afb259a59dc2e77ba8739d85e05951a590ff7407338ce2d018e5a2
-
SSDEEP
3072:1BbWxYKFDnqvffIj0nStxBN3cwqvcQr3YTfVEPnYbl3/YrDAEioKhAv/:1BkYKZSYYnS1xecmoT2nYbdEKs/
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-24_72c91899bfa673a7594be72cae51bce7_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-24_72c91899bfa673a7594be72cae51bce7_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-24_72c91899bfa673a7594be72cae51bce7_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-