General
Target: 2024-04-01_8042fb43b14f84a45a95840fd0a051dd_karagany_mafia
Size: 250KB
Sample: 240401-gdyklsfc72
MD5: 8042fb43b14f84a45a95840fd0a051dd
SHA1: 6cb07081500958d1c481dc9b210a3cc75681c498
SHA256: cdac9737ab47eb1b56ac346721b60378daae80e9d49d2984de9eed7a1331c570
SHA512: 57de16486343bc0e49a2b26ba0a03321fbb5f2cd1c8c4868f7f4148e9f0febb07864677a65d45c90bbb0732e80710c0ea64fcf9c748becd02d3887102dcd7c28
SSDEEP: 3072:U/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOd3:U/y20Gj0r+EBFrkvlU3RvIUDOIN
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-01_8042fb43b14f84a45a95840fd0a051dd_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-01_8042fb43b14f84a45a95840fd0a051dd_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-01_8042fb43b14f84a45a95840fd0a051dd_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.