General
Target: 2024-03-29_b66e1a3bc705601c95f1c9c70b19f177_karagany_mafia
Size: 222KB
Sample: 240329-xlf9asfd4t
MD5: b66e1a3bc705601c95f1c9c70b19f177
SHA1: 4a7dbeac8d5c9dca821620e6db20976349b4e553
SHA256: 6c67bf39a8874a1311db7fbea77d3b24a39c6d1b050482f53fbb82aa109e0940
SHA512: a6724f054814c33bd68137679638ce8ad5ee29f756601d2c1bf57d8c364d47db9b51eb522f9bf3c0d007a468dcc7a14955b8b1de9890408f978f55cdb6d1e4ff
SSDEEP: 3072:iBbWxYKFDnqvffIj0nStxBN3cwqvcQr3YTfVEPnYbl3/YrDAEioKhAv/:iBkYKZSYYnS1xecmoT2nYbdEKs/
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-29_b66e1a3bc705601c95f1c9c70b19f177_karagany_mafia.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-03-29_b66e1a3bc705601c95f1c9c70b19f177_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-03-29_b66e1a3bc705601c95f1c9c70b19f177_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.