General
Target: 2024-04-25_e6df65f5f4b1a848df02a92d62c77e2a_karagany_mafia
Size: 308KB
Sample: 240425-z16tlsfa47
MD5: e6df65f5f4b1a848df02a92d62c77e2a
SHA1: d187132b88cfdc4fde5dd0af05bbf269fc1cc2c7
SHA256: a14c84c2032c084e62fe8fb3ff51f2050a6da78b7206de0d11dd32f8977b92db
SHA512: 78c93ba72785276f13e3b23f9daf8210a3a85edd94c8b79f794bbc556198d16d5a069ab94b80da2f1b139eb1b3fc54183203283ac8bb70c05d75e14e20183d27
SSDEEP: 6144:YzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:+DHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-25_e6df65f5f4b1a848df02a92d62c77e2a_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-25_e6df65f5f4b1a848df02a92d62c77e2a_karagany_mafia.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-25_e6df65f5f4b1a848df02a92d62c77e2a_karagany_mafia
Score: 10/10
GandCrab payload
Detects Reflective DLL injection artifacts
Detects ransomware indicator
Gandcrab Payload
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.