General
Target: 2024-04-01_ad79cabed4c941b744830b1b38cc554e_karagany_mafia
Size: 250KB
Sample: 240401-cfat4sah66
MD5: ad79cabed4c941b744830b1b38cc554e
SHA1: 9c7082e608d0c2eae2f7a5fdf1923e94e4e66ee7
SHA256: f2340a662d6597bf223ea986532db4ccf29cca8aa94e8038a5dc831b1b412e88
SHA512: 7f19d816cc2e540bb9483e7fefe68adf110ebc5803d6a2f3ff179d195888503df8f9c280ffe56b6460a359cfe6f0998c07cba0327b316d80fde69a03f7b462d7
SSDEEP: 6144:I+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:QOCjaklYgVIpxIhDtR
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-01_ad79cabed4c941b744830b1b38cc554e_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-01_ad79cabed4c941b744830b1b38cc554e_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-01_ad79cabed4c941b744830b1b38cc554e_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.