General
Target: 2024-03-29_a347829a3be0af323f6d006ce99d5788_karagany_mafia
Size: 250KB
Sample: 240329-a5mtvsda2z
MD5: a347829a3be0af323f6d006ce99d5788
SHA1: eb63ddb31e2d26a65bce2e68d50854ef751af61a
SHA256: 2103a50c220e0f8951ce6c112b3f11fa1c7f34b1592ecedb0e650f153fda6223
SHA512: bd01e00f04e74adbc8e3d7a1ebbe6c68f80424d2c8d31152ebea3633fc199d56386dc78a37ecd1dbd1759fe9506d0b3467129270395a5c17d7185236211c4598
SSDEEP: 6144:Y+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:AOCjaklYgVIpxIhDtR
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-03-29_a347829a3be0af323f6d006ce99d5788_karagany_mafia.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-03-29_a347829a3be0af323f6d006ce99d5788_karagany_mafia.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 2024-03-29_a347829a3be0af323f6d006ce99d5788_karagany_mafia
Score: 10/10
- GandCrab payload
- Detects Reflective DLL injection artifacts
- Detects ransomware indicator
- Gandcrab Payload
- Adds Run key to start application
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.