General

  • Target

    10044e2d9a78de188d2257480db812c1_JaffaCakes118

  • Size

    247KB

  • Sample

    240503-jntqhscc34

  • MD5

    10044e2d9a78de188d2257480db812c1

  • SHA1

    c9be87a1c394cfb9513f88f62d18d07e8e4cd2cb

  • SHA256

    5db6a42bfbfe6429efa06f66f0d469c849f8c17c7de3c5b1a8d43c66b7e301df

  • SHA512

    c260df696eb502174b3e2ee0acd5605112f6370c434170fbe682c87d188a7845de6d95b1b9c11fe05950f6d1449b94dec6e0cc608fc2bd8b06d9fb2cc89c41ea

  • SSDEEP

    3072:3e/3l1glxNGX0+tl0BNsPmmWpOTgfgDOOK+74ArCjZ/NHkciAHaLiq7:3evEDGk+tOWmTYD/gEY/EcHKiw

Targets

    • Target

      10044e2d9a78de188d2257480db812c1_JaffaCakes118

    • GandCrab payload

    • GandCrab

      GandCrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
