General
-
Target
2025-01-08_7a8da5a27f2980ee3aca1ed65afda98e_karagany_mafia
-
Size
249KB
-
Sample
250108-pqy1xaslgp
-
MD5
7a8da5a27f2980ee3aca1ed65afda98e
-
SHA1
dd2abdfb819d76eec528bf9cd695579af41f3efa
-
SHA256
0e8c7e19d61bf31e09bb26768b57d1afa8d11f1c14e40cb04b8b728fb2c4cb21
-
SHA512
8c6f773614022e6da7391d04aa79305e93b156da30e878e8494323a06b76f02399ffdca37c32d5a15d336af4848e8127d7e155b561377ad3ae6ec6ee72f68134
-
SSDEEP
6144:4a1G8FVA6axUvuYQvcsYwQ7pPRSuOvSYhMw7:PFG6axU+wfR5tQMU
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-08_7a8da5a27f2980ee3aca1ed65afda98e_karagany_mafia.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2025-01-08_7a8da5a27f2980ee3aca1ed65afda98e_karagany_mafia.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2025-01-08_7a8da5a27f2980ee3aca1ed65afda98e_karagany_mafia
-
Size
249KB
-
MD5
7a8da5a27f2980ee3aca1ed65afda98e
-
SHA1
dd2abdfb819d76eec528bf9cd695579af41f3efa
-
SHA256
0e8c7e19d61bf31e09bb26768b57d1afa8d11f1c14e40cb04b8b728fb2c4cb21
-
SHA512
8c6f773614022e6da7391d04aa79305e93b156da30e878e8494323a06b76f02399ffdca37c32d5a15d336af4848e8127d7e155b561377ad3ae6ec6ee72f68134
-
SSDEEP
6144:4a1G8FVA6axUvuYQvcsYwQ7pPRSuOvSYhMw7:PFG6axU+wfR5tQMU
Score10/10-
GandCrab payload
-
Gandcrab family
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-