Analysis
max time kernel: 139s
max time network: 132s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
submitted: 20-06-2024 06:37
Behavioral task: behavioral1
Sample: 2024-06-20_a090425e1ab06d7c5349b42f825fb2c2_bkransomware_gandcrab_karagany.exe
Resource: win7-20240611-en
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: 2024-06-20_a090425e1ab06d7c5349b42f825fb2c2_bkransomware_gandcrab_karagany.exe
Resource: win10v2004-20240611-en
1 signatures
150 seconds
General
Target: 2024-06-20_a090425e1ab06d7c5349b42f825fb2c2_bkransomware_gandcrab_karagany.exe
Size: 155KB
MD5: a090425e1ab06d7c5349b42f825fb2c2
SHA1: e55d03805c9242816033834a030e9f93913955a6
SHA256: fb83f1638eac81e8f2e1b8b072e260d13af2e8d62b91edea23363851bcca95d0
SHA512: 3c89d0cfc3d287e1eb3583f64f354b62b7c89723bbeae54bfc4181248aa0216dbcd755cf5bdff7a75c7983ccf86be284b0bc2606136ece04c9d3a7e130beba4e
SSDEEP: 3072:S5K/B0toLafSNJzlxwsx89TSdBgjMqqDL2/TOKnYG:ScytwP2TTSdBgQqqDL6SKt
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes:
description: WerFault.exe
pid: 1768
pid_target: 3912
process: WerFault.exe
target process: 2024-06-20_a090425e1ab06d7c5349b42f825fb2c2_bkransomware_gandcrab_karagany.exe
Processes
C:\Users\Admin\AppData\Local\Temp\2024-06-20_a090425e1ab06d7c5349b42f825fb2c2_bkransomware_gandcrab_karagany.exe
  "C:\Users\Admin\AppData\Local\Temp\2024-06-20_a090425e1ab06d7c5349b42f825fb2c2_bkransomware_gandcrab_karagany.exe"
C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3912 -s 264
  Program crash
C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3912 -ip 3912