Analysis

  • max time kernel
    131s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    31-05-2024 19:35

General

  • Target

    2024-05-31_cf9dac8a0daf7b2ac51b006d0c0fcc00_bkransomware_gandcrab_karagany.exe

  • Size

    155KB

  • MD5

    cf9dac8a0daf7b2ac51b006d0c0fcc00

  • SHA1

    f3cd556ee4545b2f7b4ef254c2652abb227a8587

  • SHA256

    bcd0fa724bb0e8e7536fe197e363fe5d0dc3c99419e61b1e84a53b377648d137

  • SHA512

    4c0ddd5e0accb6c014b5079a1df5c5a211095d4cb3483fe60f62534b5ae2f0b6bf43ddcb26580f7905b9b60eb7d086e69c89f120da865991c04f5dc4ce87afa1

  • SSDEEP

    3072:l5K/B0toLQSNJzlZHQsozTS+SMqqDL2/TrKfmG:lcytwtp1yTS+xqqDL6HKP

Score
3/10

Malware Config

Signatures

  • Program crash (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-05-31_cf9dac8a0daf7b2ac51b006d0c0fcc00_bkransomware_gandcrab_karagany.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-05-31_cf9dac8a0daf7b2ac51b006d0c0fcc00_bkransomware_gandcrab_karagany.exe"
    1⤵
      PID:1836
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1836 -s 272
        2⤵
        • Program crash
        PID:3080
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1836 -ip 1836
      1⤵
        PID:2444

Network

MITRE ATT&CK Matrix
