General
-
Target
2024-04-12_7382106915da1016166e0ce9a2b18eaa_karagany_mafia
-
Size
425KB
-
Sample
240412-nm4ljsaa78
-
MD5
7382106915da1016166e0ce9a2b18eaa
-
SHA1
57f50469b608cdd54ec9baa3eae63c247d3ec979
-
SHA256
744a1ec3261450837f8c9b1242e123d2928a5d6c7f6839e22e22319069a16101
-
SHA512
1c42ad88eaf23edac98cbf786ee14a0cea8d4fb6c8ba4032bdbe52c035e0737ca278270de2b31c7882e5116adf014c5e397b1ed22aed38d10eef2ce36cb83c1a
-
SSDEEP
6144:NV8WkJntg7zTULdAa7sumOVgibHVyKurXXgENi73LGDJ:N8ntm/U5a/tAArXXLNmKDJ
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-12_7382106915da1016166e0ce9a2b18eaa_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-12_7382106915da1016166e0ce9a2b18eaa_karagany_mafia.exe
Resource
win10v2004-20240319-en
Malware Config
Targets
-
-
Target
2024-04-12_7382106915da1016166e0ce9a2b18eaa_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-