General
-
Target
2024-04-01_be85216239430f2374f4f6324b9b9840_gandcrab_karagany
-
Size
204KB
-
Sample
240401-dbmtjsbf4s
-
MD5
be85216239430f2374f4f6324b9b9840
-
SHA1
b740e5cf84e8364ebabe558c177c743e573dbcd0
-
SHA256
8d12de3680644dec8bf04753d5b105c70bec9909a758554d513b6615697613de
-
SHA512
f500ec68c0fc22452f8b56696f8f3a050c8efcb218b69d08000dcaeb3ac6686570eb8f7ddb39327cde53c4a50bcd4218a79b8d554893cc84615ee56271693074
-
SSDEEP
3072:VsiXMqtROzKFyAMewyM/N5aZJO5w+I7W1YwNGjPwBRGyPXqOO81NYvQd2a:miRtc2PveOZJO5J7mPARRPXxOCCa
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-01_be85216239430f2374f4f6324b9b9840_gandcrab_karagany.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-04-01_be85216239430f2374f4f6324b9b9840_gandcrab_karagany.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-01_be85216239430f2374f4f6324b9b9840_gandcrab_karagany
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-