General
-
Target
2024-04-23_534fb401f58b0a9152f787db0254c71e_karagany_mafia
-
Size
326KB
-
Sample
240423-e91zhadb63
-
MD5
534fb401f58b0a9152f787db0254c71e
-
SHA1
1b96bbd684dfb09781c20bf8acaae326bb03f39c
-
SHA256
613aa19709072ee774bb0c6016db4c9e1443c227935f7ca11464518a9dc5099d
-
SHA512
47b1a21c96416c3e2c4e9775f5b26eae12bac5998d20f8ba6d93362b6c15793a3288b01a88b31fa0bf39486ece0df2a795fbbbea4e59a9831b1d3f6c7637da38
-
SSDEEP
3072:r+V2GtCb0nDlMTM87yRBNWwxnImfoP/KOBejjY6IaCDtm0zT5363kQ8JuX:rB/muTXkLHgPitjYVmq+T
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-23_534fb401f58b0a9152f787db0254c71e_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-23_534fb401f58b0a9152f787db0254c71e_karagany_mafia.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-04-23_534fb401f58b0a9152f787db0254c71e_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-