General
Target: 2024-03-28_5e930470deadb1aae9cb9fa67fa89f98_karagany_mafia
Size: 308KB
Sample: 240328-nrlxashb94
MD5: 5e930470deadb1aae9cb9fa67fa89f98
SHA1: 0ef1f2f4308f94fd1447fe4779f0f8f015683420
SHA256: 7acd52a72da17d0aa87de2f6764f7a4f790ce4ae0e8118598716b73bed766774
SHA512: 44c5be044ad3f06142476f3f5c85ef9f7fb57a6d07646a5c5ef49ae40ef1db3ed3cbb31f9d1d6521a95bc195efdd18887753479ac57c647d395b239f069ea041
SSDEEP: 6144:YzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:+DHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_5e930470deadb1aae9cb9fa67fa89f98_karagany_mafia.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-03-28_5e930470deadb1aae9cb9fa67fa89f98_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.