General
-
Target
95c46f5c597084196911a309bc15e878_JaffaCakes118
-
Size
321KB
-
Sample
240604-wl4h6afc49
-
MD5
95c46f5c597084196911a309bc15e878
-
SHA1
4d24d8fe28d22b36e31d9be822c3d2005b4c49b5
-
SHA256
40008cbb7c827f74cbba7dd50c5ebcc0da3a06c4d669c96b97977ddd4fb50277
-
SHA512
2137dea3d9878f40be2f757665fa5681a9dd5d327c1e69a127e041a2595cbbc867e4482d0da576cd59334680edb6e1fa27f70ab06bef494320d66e4d1ee71f70
-
SSDEEP
6144:NfwD/eHK1rGTAOfrIV/QHxOtJkkgYsGGdzK:NfwDz1+q4Hsi+
Static task
static1
Behavioral task
behavioral1
Sample
95c46f5c597084196911a309bc15e878_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
95c46f5c597084196911a309bc15e878_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
95c46f5c597084196911a309bc15e878_JaffaCakes118
-
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-