General
-
Target
02e46f7a85a1c08499442547c2666738_JaffaCakes118
-
Size
282KB
-
Sample
240427-k1jazsfc32
-
MD5
02e46f7a85a1c08499442547c2666738
-
SHA1
d2c5488baebc1ff27adab75e825479e8fb151053
-
SHA256
87d6d18b3160fce90ff7d4340203e06973242a06c32d7709299dc0c8a7c261dc
-
SHA512
1b21308587ce19d2af20cf2d4ab2c4f17b92de163ee6e055a23885df30263d0b45a89e8d5a61aa378eb6fe8ab4ef6fd576e0ad0c0dd157ec1934a7d2e20ee150
-
SSDEEP
3072:sHD65ZCQ1X+18P9VOGAOd36rBNbCp4X4WD6DS3pA4LyOVZMNR0hdUWhAoNGLfKG+:sHDQCQ1V/9AOdK+K4W+WVZMNqdrNykm8
Malware Config
Targets
-
-
Target
02e46f7a85a1c08499442547c2666738_JaffaCakes118
-
Size
282KB
-
MD5
02e46f7a85a1c08499442547c2666738
-
SHA1
d2c5488baebc1ff27adab75e825479e8fb151053
-
SHA256
87d6d18b3160fce90ff7d4340203e06973242a06c32d7709299dc0c8a7c261dc
-
SHA512
1b21308587ce19d2af20cf2d4ab2c4f17b92de163ee6e055a23885df30263d0b45a89e8d5a61aa378eb6fe8ab4ef6fd576e0ad0c0dd157ec1934a7d2e20ee150
-
SSDEEP
3072:sHD65ZCQ1X+18P9VOGAOd36rBNbCp4X4WD6DS3pA4LyOVZMNR0hdUWhAoNGLfKG+:sHDQCQ1V/9AOdK+K4W+WVZMNqdrNykm8
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-