General
-
Target
2024-05-06_f193c191f57e48b82f227b179d8abac9_karagany_mafia
-
Size
308KB
-
Sample
240506-y48a6sce92
-
MD5
f193c191f57e48b82f227b179d8abac9
-
SHA1
e6964d6fb12f71709a2780871f9b27a43ef2dd3b
-
SHA256
5ccbf9c226b6c38409020986f6d6a84c952fa50f78f8d18b6e91997b86c8b14f
-
SHA512
409d2fe6a04874b260e5963c13bf66dc13049256fa77a0a5cef75f030f60f93abf0644466f3424ba13808d8d17422e1dbf6e0e2366f7d599cece3aea11a2049f
-
SSDEEP
6144:5zL7ShWDLVzVNam6GxI29dqG3KdYAYqTuPZp:HDHNam62ZdKmZmuPH
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-06_f193c191f57e48b82f227b179d8abac9_karagany_mafia.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-05-06_f193c191f57e48b82f227b179d8abac9_karagany_mafia.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
2024-05-06_f193c191f57e48b82f227b179d8abac9_karagany_mafia
Score
10/10
-
GandCrab payload
-
Detects Reflective DLL injection artifacts
-
Detects ransomware indicator
-
Gandcrab Payload
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-