General
Target: 2024-03-28_f6cc87928ddc15655adef40ed1c15302_karagany_mafia
Size: 308KB
Sample: 240328-hvpvgacg63
MD5: f6cc87928ddc15655adef40ed1c15302
SHA1: fd593a2ca5048c00db88cdae925faf29bb64d9f0
SHA256: f458f5fc018a8931a64b9845499cfdec1da5cf78e505bafe0681d498e6755c04
SHA512: 71289525d321cc85266bd8686839f4a03e99f79b80acb04b58f371d56972a0ba31dc41337c7976dd1829ed35a1987fbd6aab9a47ae1cd54b37313840900701c7
SSDEEP: 6144:GzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:EDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-28_f6cc87928ddc15655adef40ed1c15302_karagany_mafia.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2024-03-28_f6cc87928ddc15655adef40ed1c15302_karagany_mafia.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-03-28_f6cc87928ddc15655adef40ed1c15302_karagany_mafia
Score: 10/10
- GandCrab payload
- Detects Reflective DLL injection artifacts
- Detects ransomware indicator
- Gandcrab Payload
- Adds Run key to start application
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.