General
-
Target
2024-04-23_0b07f15d3e34983a1fa0513b754c7cb9_karagany_mafia
-
Size
326KB
-
Sample
240423-e1f8qsda2y
-
MD5
0b07f15d3e34983a1fa0513b754c7cb9
-
SHA1
8dfc38439f5e8053224799da4947cebe7ed2f248
-
SHA256
c78888a85fb179ff2bbd133efb1b106b6341f404f6b97b8cd4d50af334e1486b
-
SHA512
ac3d817ac5f0097cebf8cc6c7765d72e6d122366f462b74006a3592112fa7a6c4a675608fd7d923f260e33d40181c2cea725fa28c0b292f6d2ab08c1c4f54eda
-
SSDEEP
3072:v+V2GtCb0nDlGTM87yRBNWwxnImfoP/KOBejjY6IaCDtm0zT5363kQ8JuW:vB/moTXkLHgPitjYVmq+a
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-23_0b07f15d3e34983a1fa0513b754c7cb9_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-23_0b07f15d3e34983a1fa0513b754c7cb9_karagany_mafia.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-