General

  • Target

    2024-09-29_5027e6b49ab2616a8f08f4c868b90dba_bkransomware_karagany

  • Size

    732KB

  • Sample

    240929-lksp6a1epd

  • MD5

    5027e6b49ab2616a8f08f4c868b90dba

  • SHA1

    f7bbc4c784fb2a30d8a018b65f2632507335590d

  • SHA256

    509c5bf724b0d3bc60cdc93c1b0f1e6710cf23edb2293d670cb8bdeaa5ac7e6f

  • SHA512

    35430b07d0ccc4e587a1cc416872a47ccfc90dd0f0fdf504f37d21725390c97c547ef73495adc1d79175cd3d3341e8ba9ff6ba7d9ee515b62d51ac3c00859956

  • SSDEEP

    6144:dBb/GhISjsUpwWx7ko0dvmfMaZaocS427zkXQj3805rSj15jBvp9HxawFH4yeK1a:dBLGO0oWp6ZmEOazhsyQt5r

Targets

    • Target

      2024-09-29_5027e6b49ab2616a8f08f4c868b90dba_bkransomware_karagany

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
