Overview

overview

10

Static

static

10

eedcecffff...9f.exe

windows7_x64

6

eedcecffff...9f.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eedcecffff81ea4efe01079090d3b1bc7ad4326571fb4a14cf10c32222081d9f

  • Size

    70KB

  • Sample

    220625-jka41adha3

  • MD5

    ba651e87fb35f7cd2b657a75884c5a12

  • SHA1

    598a19dd236e854a83e55b7457195c2412203fec

  • SHA256

    eedcecffff81ea4efe01079090d3b1bc7ad4326571fb4a14cf10c32222081d9f

  • SHA512

    42f911cbed75708a9bf1ab9f3987f11f8340535da670d762f332cd69f4ed400055a0590596bf33930934ead584c9ccb3e1a1bb6bfb9ecb278143a83c9afe0f83

Score
10/10
gandcrabpersistence

Malware Config

Targets

    • Target

      eedcecffff81ea4efe01079090d3b1bc7ad4326571fb4a14cf10c32222081d9f

    • Size

      70KB

    • MD5

      ba651e87fb35f7cd2b657a75884c5a12

    • SHA1

      598a19dd236e854a83e55b7457195c2412203fec

    • SHA256

      eedcecffff81ea4efe01079090d3b1bc7ad4326571fb4a14cf10c32222081d9f

    • SHA512

      42f911cbed75708a9bf1ab9f3987f11f8340535da670d762f332cd69f4ed400055a0590596bf33930934ead584c9ccb3e1a1bb6bfb9ecb278143a83c9afe0f83

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks