General
-
Target
2024-04-01_7a6f91ee5ac540cda15a7da284ae2149_gandcrab_karagany
-
Size
204KB
-
Sample
240401-c6axssbd8s
-
MD5
7a6f91ee5ac540cda15a7da284ae2149
-
SHA1
08e8e33075baf37ef16ba8ac5d539ade66a64747
-
SHA256
e923a9332f1726ee24a3b4d3f4db56d1b2f22369f1befe0f14d1bb5f2ee27d68
-
SHA512
1c3045e8a5e9d20e453563ea58f337e1a797f3256c789e78902bd342019717017b6f22d1df8456fe46d4bb978839c943c88b013f1738ac5bdd01fbf998c816aa
-
SSDEEP
3072:RsiXMqtROzKFyAMewyM/N5aZJO5w+I7W1YwNGjPwBRGyPXqOO81NYvQd2a:CiRtc2PveOZJO5J7mPARRPXxOCCa
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-01_7a6f91ee5ac540cda15a7da284ae2149_gandcrab_karagany.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-01_7a6f91ee5ac540cda15a7da284ae2149_gandcrab_karagany.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-04-01_7a6f91ee5ac540cda15a7da284ae2149_gandcrab_karagany
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-