General
Target: 2024-03-29_ad043eb3fee9cdb4d9e6f1402d13a7f5_karagany_mafia
Size: 308KB
Sample: 240329-vn5zbsdb6z
MD5: ad043eb3fee9cdb4d9e6f1402d13a7f5
SHA1: 0b195a0afb9fc11293a26d01cba182d918c49bee
SHA256: cbb895ab9a8ca3d176603fea40c88d6efb2b6ab00d7145ea67f606e5ac8d92b0
SHA512: 8516979c34c76e9dbb081e0da864aa9990594ad52f28d32434ae64ecc399aba76e42a3c4e96fcd7a6a3f68c48937ccee6258c8a3bc28d244872683377cce4a27
SSDEEP: 6144:lzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:bDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-29_ad043eb3fee9cdb4d9e6f1402d13a7f5_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-29_ad043eb3fee9cdb4d9e6f1402d13a7f5_karagany_mafia.exe
Resource: win10v2004-20240319-en
Malware Config
Targets
Target: 2024-03-29_ad043eb3fee9cdb4d9e6f1402d13a7f5_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.