General
-
Target
2024-04-01_861900f28b1f35a9883b8326306284bc_karagany_mafia
-
Size
250KB
-
Sample
240401-egvl1sdc99
-
MD5
861900f28b1f35a9883b8326306284bc
-
SHA1
a7720614c8243ef0ec5b3d97a1d80a0f467635da
-
SHA256
e3f953fa4bdbe995ec9bcb6da14f7b2ebd659fff2b9fd8045b9ee68c50089714
-
SHA512
be01b7ac8c57420100a8f7d1016c147a71539ff3f871a9aad9d17463bc6735a41528052a1733a3e75f27dd5d7a4ba0ded49a348f8aea567a7db555ea7ad143a4
-
SSDEEP
6144:9+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:9OCjaklYgVIpxIhDtR
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-01_861900f28b1f35a9883b8326306284bc_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-01_861900f28b1f35a9883b8326306284bc_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-01_861900f28b1f35a9883b8326306284bc_karagany_mafia
-
Size
250KB
-
MD5
861900f28b1f35a9883b8326306284bc
-
SHA1
a7720614c8243ef0ec5b3d97a1d80a0f467635da
-
SHA256
e3f953fa4bdbe995ec9bcb6da14f7b2ebd659fff2b9fd8045b9ee68c50089714
-
SHA512
be01b7ac8c57420100a8f7d1016c147a71539ff3f871a9aad9d17463bc6735a41528052a1733a3e75f27dd5d7a4ba0ded49a348f8aea567a7db555ea7ad143a4
-
SSDEEP
6144:9+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxXq:9OCjaklYgVIpxIhDtR
Score10/10-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-