General
-
Target
2024-03-28_b5f1870bcff45f20c1b8a0fd0578e994_karagany_mafia
-
Size
250KB
-
Sample
240328-3lt32sbg3t
-
MD5
b5f1870bcff45f20c1b8a0fd0578e994
-
SHA1
0a2c08cde4b97807750fff37c468bb05c2873756
-
SHA256
2ba290525ade44cdc164a27dbc324db7603e5f23edaa2913544a875e36ccebee
-
SHA512
fe7037d267193aaa652d4079dcdc187185fffb5ae55b2e31eb885666f15e5d14bf33e9e187819a683e33d105a5d90ee6387d17dd233c14cefc9b61442392b7c3
-
SSDEEP
3072:q/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOd3:q/y20Gj0r+EBFrkvlU3RvIUDOIN
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_b5f1870bcff45f20c1b8a0fd0578e994_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_b5f1870bcff45f20c1b8a0fd0578e994_karagany_mafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2024-03-28_b5f1870bcff45f20c1b8a0fd0578e994_karagany_mafia
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-