General
Target
2024-03-28_c0c5614ac0a153d608df6fd6499a148e_karagany_mafia
Size
250KB
Sample
240328-fjn3paca87
MD5
c0c5614ac0a153d608df6fd6499a148e
SHA1
bfe252a8f5a26e3ffa51b225ca072e89cebb7696
SHA256
bf43f71b58b1f3fc2c1f873e326adaaa06a145a9bf43431d170563f4c6447001
SHA512
03a47909f330f09be97aefa82e40b8a09eeac155f4ddaeb9c0101dfb49be6515f48a88b63c4cb59a0175decbabf79e87bbb998d3b90657fe6e05452c393ad072
SSDEEP
3072:R/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOd3:R/y20Gj0r+EBFrkvlU3RvIUDOIN
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_c0c5614ac0a153d608df6fd6499a148e_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_c0c5614ac0a153d608df6fd6499a148e_karagany_mafia.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
2024-03-28_c0c5614ac0a153d608df6fd6499a148e_karagany_mafia
Score 10/10
- GandCrab payload
- Detects Reflective DLL injection artifacts
- Detects ransomware indicator
- Gandcrab Payload
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.