General
Target: 2024-03-28_04e6bcdf9509476a150170aa3a21165f_karagany_mafia
Size: 250KB
Sample: 240328-e1pj4sbh25
MD5: 04e6bcdf9509476a150170aa3a21165f
SHA1: 4b7d001cb491140eb3641e529991329dd6799e3f
SHA256: eec3640c4be0ac7cc319afef14ec76125adf6d4ed098d4a24fc2f85cde0ddfec
SHA512: 2d1c27413f5d8c0f940b60e625280e0969a4356d04d69612facf5206715708843d187c426ace92d8a127570c727f8e2ed5dc164f1c2218036657885938fc3b0d
SSDEEP: 6144:D+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:3OCjaklYgVIpxIhDtR
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-28_04e6bcdf9509476a150170aa3a21165f_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-28_04e6bcdf9509476a150170aa3a21165f_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-28_04e6bcdf9509476a150170aa3a21165f_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.