General
-
Target
2024-07-29_eaf57c28a00d581c67e67a8af07bb3e7_karagany_mafia
-
Size
266KB
-
Sample
240729-qqy7cavcne
-
MD5
eaf57c28a00d581c67e67a8af07bb3e7
-
SHA1
c38c04fd98820ec6db13a0ee2b1430a001da9a6a
-
SHA256
6c43d6634c3ea0cd8f88d5808261a1a25f6c1c01844fc1230787e8f12bc11b8e
-
SHA512
46b7baf360d738aec7b6ccca3b1fff48dafed15947fb103928a8ed9b2e3fe132edde75cfc3c86206edfa56e97f55220b999bb007e42c78404b6fb6fe33e4e57b
-
SSDEEP
3072:9/yK5d0Gj0+nY3uEBLvBNfdUR2/qFnB8o2+vU3WuvIBuj00nReaXkuSQ7cdOdt:9/y20Gj0r+EBFrkvlU3RvIUDOIT
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-29_eaf57c28a00d581c67e67a8af07bb3e7_karagany_mafia.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2024-07-29_eaf57c28a00d581c67e67a8af07bb3e7_karagany_mafia.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
2024-07-29_eaf57c28a00d581c67e67a8af07bb3e7_karagany_mafia
-
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-