General
-
Target
2024-03-31_739740208f644693b3f80109e57f0058_karagany_mafia
-
Size
258KB
-
Sample
240331-vadb6afb5y
-
MD5
739740208f644693b3f80109e57f0058
-
SHA1
00c24f22d8b4bbe995ad7758ad751b0f06482215
-
SHA256
00ff81ac3838548eb0275f00be5d264dc20334c35d49c3de76fb9cdebafab523
-
SHA512
0c565612bb58ecbceb00820966238058f4fc2f116c23280efa54bafb263ecddf2f974e3ccd811885dcf4fd315e913164eb12115d303f1979de8d3b9d2be016e4
-
SSDEEP
6144:Om1G8FVA6aJ/Ruvqdo1NGKXmhYvWVQMBCXaFhWzAJC:RFG6aJ/Qcu8Ykv2aFhUP
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-31_739740208f644693b3f80109e57f0058_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-31_739740208f644693b3f80109e57f0058_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-31_739740208f644693b3f80109e57f0058_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-