General
-
Target
2024-07-07_7104e2ade44c390cb87033f2249b0c97_karagany_mafia
-
Size
200KB
-
Sample
240707-zp5geayakr
-
MD5
7104e2ade44c390cb87033f2249b0c97
-
SHA1
4bf5bb0f68490be78b3e8a8133e1a79c47432ed0
-
SHA256
6d575812a701f3cbf081873989914976287e46a9cc8d732bd83ac7f6944ceb98
-
SHA512
1c7760b0302a2839fa8783aa81a8d4f8ea7313397d57c0a8c4c4d9820c4da57766c993a50a4804bbb0a1c7bd591fccafcfa283c9d50f95408663b8cf3897cd98
-
SSDEEP
3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fI21Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pNf1Ljo3c
Behavioral task
behavioral1
Sample
2024-07-07_7104e2ade44c390cb87033f2249b0c97_karagany_mafia.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2024-07-07_7104e2ade44c390cb87033f2249b0c97_karagany_mafia.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
2024-07-07_7104e2ade44c390cb87033f2249b0c97_karagany_mafia
-
Score
10/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-