General

  • Target

    2024-05-03_124ab4428f98e2e3f559b437d5a9a728_karagany_mafia

  • Size

    308KB

  • Sample

    240503-f5j1vsac44

  • MD5

    124ab4428f98e2e3f559b437d5a9a728

  • SHA1

    2ccf0b9fc4e99f4b13129d8c433436451be11140

  • SHA256

    9e7ad42bd45f9a56f95cfe5b6b4655b660dd3c03ea383b50cd4c0ac60a42ddeb

  • SHA512

    bf201b6d0ee65c06bd28cebd5bdfd728c456aa5052660f3d90c245f0cc2615187f335806eeb85ecc1f694ebd0d26f7d0ab96c0791c4a1ca3e69a79a0348262c6

  • SSDEEP

    6144:YzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:+DHNam62ZdKmZmuPH

Targets

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Detects Reflective DLL injection artifacts

    • Detects ransomware indicator

    • Gandcrab Payload

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
