General

  • Target

    12a59ecc7f82ddee8058dd48cdedf003_JaffaCakes118

  • Size

    184KB

  • Sample

    240504-n7b22add9w

  • MD5

    12a59ecc7f82ddee8058dd48cdedf003

  • SHA1

    6b5c74f0b518706f6b84f4dbfd428674f11da3cd

  • SHA256

    052cd997f47d392c3251ccd960725f77be862571591bcf8c696b545902c7f80c

  • SHA512

    b2c491c27f63883586fc0d18f56ffd37201724d4e3edc382a7129b702f77c6e58a178df7339a4096c6fcfd46bb490a50e534c7a10a5be0911cbfc0a8db74d2d6

  • SSDEEP

    3072:i1DS10uoQG2di0wR9m42FXc9BWYwj8B25T7NmwZR5DDX/mnANuDtTKh:iFGcf9mb2k8B25Th8nAg+h

Targets

    • Target

      12a59ecc7f82ddee8058dd48cdedf003_JaffaCakes118

    • GandCrab payload

    • Gandcrab

      Gandcrab is a Trojan horse that encrypts files on a computer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
