General
Target: 2024-04-25_8a4953c4b6a1aa3822d530cec0a464d1_karagany_mafia
Size: 308KB
Sample: 240425-zveg6seg51
MD5: 8a4953c4b6a1aa3822d530cec0a464d1
SHA1: 84bd3f49dfaee91408cb0c04c7ee85b89f0a4fb2
SHA256: 6913da51949243eac8c386430bc70c1351de8c89c14c28540ffb427f223eb52a
SHA512: 119b5a68e1016c02c42139e79d66c1529c9ed5de7cefc80170edf95729dd7470c520d5967ada6be3e02743e0de91e37112a0547ff96faf23bb153eb7ab671e33
SSDEEP: 6144:hzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:vDHNam62ZdKmZmuPH
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-25_8a4953c4b6a1aa3822d530cec0a464d1_karagany_mafia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-25_8a4953c4b6a1aa3822d530cec0a464d1_karagany_mafia.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: 2024-04-25_8a4953c4b6a1aa3822d530cec0a464d1_karagany_mafia
Score: 10/10
- GandCrab payload
- Detects Reflective DLL injection artifacts
- Detects ransomware indicator
- Gandcrab Payload
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.