General
-
Target
2024-04-17_f84f7ee56ddc51653b90f774c978b4f2_karagany_mafia
-
Size
326KB
-
Sample
240417-zrzc6sfb81
-
MD5
f84f7ee56ddc51653b90f774c978b4f2
-
SHA1
924c124619596849e7bc10b67667398fd219fc5f
-
SHA256
066e4920274bbad2f3d49856b54816635b0de8e3dd515f4c35957ec131308f6f
-
SHA512
1203770a58e88105237a0bed794f27f780183bf4ad2dd3ccfc060658f0cc65cd9123281c0eb0ddd0cf17b8b1a7ee1936345f5341b6e4ce504d071146ea495b7c
-
SSDEEP
3072:M+V2GtObCnDl0TM87yRBNWwxnImfoP/KOBejjY6IaCDtm0zT5363kQ8JuR:MB3USTXkLHgPitjYVmq+9
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-17_f84f7ee56ddc51653b90f774c978b4f2_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-17_f84f7ee56ddc51653b90f774c978b4f2_karagany_mafia.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
2024-04-17_f84f7ee56ddc51653b90f774c978b4f2_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-