General
-
Target
2024-03-31_e5f35ace48f86a2182eb928edd0745a2_gandcrab_karagany
-
Size
204KB
-
Sample
240331-qrb37sda85
-
MD5
e5f35ace48f86a2182eb928edd0745a2
-
SHA1
10bcd75e77e6a65d0858bd1ce8b47b6e656421c1
-
SHA256
6b35eddc71a2584e8486d182f72b2374a1a8b697fd1baa3fa1832ddd93808439
-
SHA512
82b8404d39b872baa624b2184899d7639adb1d793de23776cbc3cd48f705855f61c346ee4dbc5f300166dd836791535ac6c53d1839f76787c679c0ca7b291e4b
-
SSDEEP
3072:ssiXMqtROzKFyAMewyM/N5aZJO5w+I7W1YwNGjPwBRGyPXqOO81NYvQd2a:NiRtc2PveOZJO5J7mPARRPXxOCCa
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-31_e5f35ace48f86a2182eb928edd0745a2_gandcrab_karagany.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
2024-03-31_e5f35ace48f86a2182eb928edd0745a2_gandcrab_karagany.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-31_e5f35ace48f86a2182eb928edd0745a2_gandcrab_karagany
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-