General
Target
2024-03-31_1f7803c53dda8e6f129badebc063abb8_gandcrab_karagany
Size
177KB
Sample
240331-prnassbd7w
MD5
1f7803c53dda8e6f129badebc063abb8
SHA1
77351e298686a3240682084348bd157932cc5367
SHA256
eb528959f5368774fc2ad93850fa702d8f66dffd8ee80d7c31e14481fe1f5ff2
SHA512
2eff121cc212f58eae054a5cedefd231e027e47168d2f27a721e7a985941b00480f0db487bec4d685d7717766c1cec00f0095b6afa960a1caf6bae5e004d8c82
SSDEEP
3072:JxgidvBOyONJMjNP9Fgz/z98PtM7JARKcFw40kio4eY+ykU02dbt9i+lAbHVzgWa:Jui/OyONWjvBP1RKheUkU02746Ab1zgz
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-31_1f7803c53dda8e6f129badebc063abb8_gandcrab_karagany.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-31_1f7803c53dda8e6f129badebc063abb8_gandcrab_karagany.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
2024-03-31_1f7803c53dda8e6f129badebc063abb8_gandcrab_karagany
Score 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.