General
-
Target
2024-05-04_fbb38fde1603f358b7e8464f37713f7f_karagany_mafia
-
Size
308KB
-
Sample
240504-ebg4qsfd42
-
MD5
fbb38fde1603f358b7e8464f37713f7f
-
SHA1
6b03c6542e7b00f98cb8c00ffdc9ad8d2144c780
-
SHA256
59dc6e3705e8c1d76f99469bdd4ca41eb3aa1e74888d67dc8eef97d06facf0fd
-
SHA512
a7ebd2a8bff66b79c0cf810a1edb64b1e2033aa58161f5e12ccea687a1bb1ccc6e96ae265937b5be2d10b9d05154d3a489fd8f3430334f171cc201bbaac916ad
-
SSDEEP
6144:JzL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:XDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-04_fbb38fde1603f358b7e8464f37713f7f_karagany_mafia.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-04_fbb38fde1603f358b7e8464f37713f7f_karagany_mafia.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
2024-05-04_fbb38fde1603f358b7e8464f37713f7f_karagany_mafia
Score: 10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-