General
-
Target
2024-04-26_226a16ff67ff652a0b91a9e30a6961c4_karagany_mafia
-
Size
308KB
-
Sample
240426-tl44ksga8s
-
MD5
226a16ff67ff652a0b91a9e30a6961c4
-
SHA1
b9083a0ba872748b56287d34b53c7430e0c5ae23
-
SHA256
f1ec557466753c0fb125d76179359d1b7945e369ebfd4759b3117c09e67f3469
-
SHA512
15036bf2856b4a798287574f72d6ba156719b44e82afe639e11a7e43df0c7b2085e904b0308697c6f34301b7813aae8a4a4fa04fa7f6cfc77db5ad4f682c80c1
-
SSDEEP
6144:LzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:5DHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-26_226a16ff67ff652a0b91a9e30a6961c4_karagany_mafia.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-26_226a16ff67ff652a0b91a9e30a6961c4_karagany_mafia.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-04-26_226a16ff67ff652a0b91a9e30a6961c4_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-