General
-
Target
2024-03-31_9398a48cf72789589a138523db985bfd_gandcrab_karagany
-
Size
177KB
-
Sample
240331-zer4bscb64
-
MD5
9398a48cf72789589a138523db985bfd
-
SHA1
2ef7592a83aa17ac6cbe88925602cd0488f8687d
-
SHA256
04e82f8adcfb9924bc07eec99c8de442d7af00377344b5f33528dca8d9ca304b
-
SHA512
51ae1ed3d46acbdbab25eaed90e500c19fb9d00ae986aa2bd3ca4f00fc9a9a3679c6fa38bc8d3c3dc83385c9b94dc4ed607b2136d156b6510809e690238ff153
-
SSDEEP
3072:ixgidvBOyONJMjNP9Fgz/z98PtM7JARKcFw40kio4eY+ykU02dbt9i+lAbHVzgWa:iui/OyONWjvBP1RKheUkU02746Ab1zgz
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-31_9398a48cf72789589a138523db985bfd_gandcrab_karagany.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-31_9398a48cf72789589a138523db985bfd_gandcrab_karagany.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-03-31_9398a48cf72789589a138523db985bfd_gandcrab_karagany
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-