General
-
Target
2024-03-31_64e8ca06c555805f97a645b2dd9215f7_karagany_mafia
-
Size
250KB
-
Sample
240331-x8nxnaaa5t
-
MD5
64e8ca06c555805f97a645b2dd9215f7
-
SHA1
51d3c88973934f88278b21a209ab559c0cd87b8b
-
SHA256
73849e24d12fd395e42b151a24078bccf4e98c6b3ab62701011a0ea109fa5c83
-
SHA512
a4eb955d6ba7ef901674a8dc9da5b950e0ce3c327800edba1ffab918c034538e3e26442f8716b1e0837fb87532b00a782e1a69f415fa02ce2a40d5b92c21ae8b
-
SSDEEP
3072:T/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOd3:T/y20Gj0r+EBFrkvlU3RvIUDOIN
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-31_64e8ca06c555805f97a645b2dd9215f7_karagany_mafia.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2024-03-31_64e8ca06c555805f97a645b2dd9215f7_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-03-31_64e8ca06c555805f97a645b2dd9215f7_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-