General
Target: 2024-04-23_b1c24eb74cbb258399195d0d035ad471_karagany_mafia
Size: 308KB
Sample: 240423-eefebacf7z
MD5: b1c24eb74cbb258399195d0d035ad471
SHA1: 3a9069290b991a8852b867e3197cc2535b524cd2
SHA256: 04341d91118087cfe7f600fb322333c48b2a5338c99b75b076f09a07fb85b1b9
SHA512: 11793c1f319fe3698f6ab10488df2c5c6742312593432b56332eadeb3e18ae41f0311962d27900691d9c1b8c89f299b648fbefd744d455942665a7b9ca7cab89
SSDEEP: 6144:jzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:xDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-23_b1c24eb74cbb258399195d0d035ad471_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-23_b1c24eb74cbb258399195d0d035ad471_karagany_mafia.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-04-23_b1c24eb74cbb258399195d0d035ad471_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.