General
-
Target
2024-07-27_a9824e3e994e47af20cf319113f94a5c_karagany_mafia
-
Size
250KB
-
Sample
240727-lehyrszgkj
-
MD5
a9824e3e994e47af20cf319113f94a5c
-
SHA1
23c824de59e0b3a636358a18a0d28bb74e5cb5a2
-
SHA256
d59969721e97e12ebab0564704695e555c9ae9471e72250d34f3ee86eaba43b9
-
SHA512
729198da92f0c9652107b95fb7d8d434c218fbcd87251c3495b4687d066b714966251d2d912333e2894b00d8e06f09b7a5a599a03d58773e2a15f7635376e5e4
-
SSDEEP
6144:U+YrOIBjaklexBgiJ8sTSIkIpxIp8mDtfPBRwasxX:MOCjaklYgVIpxIhDt
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-27_a9824e3e994e47af20cf319113f94a5c_karagany_mafia.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2024-07-27_a9824e3e994e47af20cf319113f94a5c_karagany_mafia.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
2024-07-27_a9824e3e994e47af20cf319113f94a5c_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-