General
Target: 2024-04-01_2a52b4d19db87a4d6a038c145bc86f3f_karagany_mafia
Size: 250KB
Sample: 240401-e35zwade6v
MD5: 2a52b4d19db87a4d6a038c145bc86f3f
SHA1: c2582b0e9c736f7ad52f9147b225e5b56eeee07d
SHA256: cdcc469b59e9961a846f142703531df8d28ae593bd29d0afd8d2cf6938d2c212
SHA512: 932efa497ae206c4ac182f9a7a84fb7f201be9932efd0a2387e1f3b67b0cc5f38d149801bf7ec08d17f9d883f7633c8e6da3b76ea7f02b1a6d67b612a8d7f7ed
SSDEEP: 6144:F+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:FOCjaklYgVIpxIhDtR
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-01_2a52b4d19db87a4d6a038c145bc86f3f_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-01_2a52b4d19db87a4d6a038c145bc86f3f_karagany_mafia.exe
Resource: win10v2004-20240319-en
Malware Config
Targets
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.