General
Target: 2024-04-17_63967dfade939bebf8bc1de98c8204b2_karagany_mafia
Size: 425KB
Sample: 240417-zb6sbadf32
MD5: 63967dfade939bebf8bc1de98c8204b2
SHA1: 340531093024811de32c82efcaae0a17cdef126c
SHA256: 0e71f5903fc7233435aff4688e06bd3d17547907ba1b85ef1090b76db4197426
SHA512: 6f9ccc174752aefdbf3a88a756d8abbf19f42c372001584cb40e115261b61e9d240ee7f583eecc5cd558c1ead30674302a589d5981de0b35e27d62078ee9af05
SSDEEP: 6144:YVOWkGntgizTULdAa7sumOVgibHVyKurXXgENi73LGGJ:YxntD/U5a/tAArXXLNmKGJ
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-17_63967dfade939bebf8bc1de98c8204b2_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-17_63967dfade939bebf8bc1de98c8204b2_karagany_mafia.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-17_63967dfade939bebf8bc1de98c8204b2_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.