General

  • Target

    7443d1e91a4eb058b643c29f53136037_JaffaCakes118

  • Size

    73KB

  • Sample

    240526-elkbvaeh87

  • MD5

    7443d1e91a4eb058b643c29f53136037

  • SHA1

    47bffc970468591590c2655d914cbc0c6011738c

  • SHA256

    fd85b1fff032d0479750b69b035d3b936bf1eb390d12560a535f039fcd2842dd

  • SHA512

    08d84206983c22de27f51e2eebc00789f31b074c5a232c06146b96d4dbce78c9d91689f87aa0c23af97c564f67bfd95ce63cadbb0f7a20d1a00a9bba1622e3c3

  • SSDEEP

    1536:i55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:YMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

    • Target

      7443d1e91a4eb058b643c29f53136037_JaffaCakes118

    Score
    6/10
    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks