General
-
Target
2024-04-01_9dc33ff74eaf6e579824c48e57216b21_karagany_mafia
-
Size
308KB
-
Sample
240401-ekfl9sda8w
-
MD5
9dc33ff74eaf6e579824c48e57216b21
-
SHA1
feb11b5dbb63ce43b37cd6835a17259e77ee69aa
-
SHA256
12ee0e0c3bca058b34f8b89fc58fe134fd916f886bdcb5f4a6e5c497a6362d96
-
SHA512
5894aba1898a7cff52fcc2ac49c1485547ec26f69eecf07bff2e07eb5e93916ca0a8822cfff546e4f6ee74665ff12017bd400119bec3fe7238e6e492691003f2
-
SSDEEP
6144:azL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:gDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-01_9dc33ff74eaf6e579824c48e57216b21_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-01_9dc33ff74eaf6e579824c48e57216b21_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-