General
-
Target
2024-04-01_28eb496125bc532c334ced80e250959a_karagany_mafia
-
Size
258KB
-
Sample
240401-d4g4rsce3z
-
MD5
28eb496125bc532c334ced80e250959a
-
SHA1
dcce7ba6385e1af582749aa70833bfafc038bf34
-
SHA256
00b7eb97bd118410b6334fedaa547bc85563f09ade1ef2e4f8b01cbf448eec66
-
SHA512
d9bd8d53e59bc89a456c5886ffec734cc821128d58a98ae48f06946da4b3afbf3232cd43861ac43936cd737e04ce970c7071edb662e211e57bef5de87678c89d
-
SSDEEP
6144:5m1G8FVA6aJ/Ruvqdo1NGKXmhYvWVQMBCXaFhWzAJC:+FG6aJ/Qcu8Ykv2aFhUP
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-01_28eb496125bc532c334ced80e250959a_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-01_28eb496125bc532c334ced80e250959a_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-01_28eb496125bc532c334ced80e250959a_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-