General
-
Target
2024-04-18_8732fdad1731d3c260dfb29196b3ae96_karagany_mafia
-
Size
308KB
-
Sample
240418-y4ec4adg94
-
MD5
8732fdad1731d3c260dfb29196b3ae96
-
SHA1
a6d1d61824d7938292b1ec264241f569f891beb6
-
SHA256
c808310129485ffe5874d6e076a915de8af18f47c35a81d455fec04c663c6213
-
SHA512
69f63344fed991753eb65d1c668f4728aaaa41db827c2c1f0929996cf896b57d623d11c07b1878114e0163ba6adbd9765490a906d11d9ac1af26914ef91ddc44
-
SSDEEP
6144:3zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:NDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-18_8732fdad1731d3c260dfb29196b3ae96_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-18_8732fdad1731d3c260dfb29196b3ae96_karagany_mafia.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
2024-04-18_8732fdad1731d3c260dfb29196b3ae96_karagany_mafia
-
Size
308KB
-
MD5
8732fdad1731d3c260dfb29196b3ae96
-
SHA1
a6d1d61824d7938292b1ec264241f569f891beb6
-
SHA256
c808310129485ffe5874d6e076a915de8af18f47c35a81d455fec04c663c6213
-
SHA512
69f63344fed991753eb65d1c668f4728aaaa41db827c2c1f0929996cf896b57d623d11c07b1878114e0163ba6adbd9765490a906d11d9ac1af26914ef91ddc44
-
SSDEEP
6144:3zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:NDHNam62ZdKmZmuPH
Score10/10-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-