General
-
Target
2024-03-31_01de6de10bb5e1659d3be19c38e52f63_karagany_mafia
-
Size
222KB
-
Sample
240331-mfxzraah22
-
MD5
01de6de10bb5e1659d3be19c38e52f63
-
SHA1
e974f866362afa973de6667fa1c02087fcba91d0
-
SHA256
d2dccc7b048b10edf9ef19f007bb42fcfc583c9a4c961b2f860323524ca3dc85
-
SHA512
47f53d05e3da3584ffef4734650cb62de8fcf607c6aefdf1f11294415081e581c7b6e8cc0de8af661ac705744ce05a5cd8609142ff3314dcb781bf4b8f371f35
-
SSDEEP
3072:MBbWxYKFDnqvffIj0nStxBN3cwqvcQr3YTfVEPnYbl3/YrDAEioKhAv/:MBkYKZSYYnS1xecmoT2nYbdEKs/
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-31_01de6de10bb5e1659d3be19c38e52f63_karagany_mafia.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-03-31_01de6de10bb5e1659d3be19c38e52f63_karagany_mafia.exe
Resource
win10v2004-20240319-en
Malware Config
Targets
-
-
Target
2024-03-31_01de6de10bb5e1659d3be19c38e52f63_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-