General
Target: 2024-04-01_0147dbcec8e6fc4344501a832da5b7e4_karagany_mafia
Size: 308KB
Sample: 240401-dyc8macc6y
MD5: 0147dbcec8e6fc4344501a832da5b7e4
SHA1: 0b372a7b5fe60a14c22778926a7de11f85532a42
SHA256: d3cc28c5c9b40f44fe4d4ea2c7edabb2c92ed44827c6d3244be6a5810c7d2fac
SHA512: d0c9cb5f305c7f55813773ad373e3d73eddde3987640398736a3bd7395439679ab0867b1cabed0e49bcc6eea3ed69e41dbd4c54ff26cc88fac958c475000448f
SSDEEP: 6144:pzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:3DHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-01_0147dbcec8e6fc4344501a832da5b7e4_karagany_mafia.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-04-01_0147dbcec8e6fc4344501a832da5b7e4_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-01_0147dbcec8e6fc4344501a832da5b7e4_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.