General
-
Target
d30b690fa77ccfe91961e836fa3b3588_JaffaCakes118
-
Size
331KB
-
Sample
241207-sb6zra1lbj
-
MD5
d30b690fa77ccfe91961e836fa3b3588
-
SHA1
9362e2b0a434b3e6e43a3d1a0abe3d7a4df63674
-
SHA256
63d0a1686fada50d4f2e1a8d1450608f91f2ad190fd2b9897e1f1137fdd94c60
-
SHA512
a047d1ce6d41fefc878dcf2d1587c3f52ebfd58cb101716072aed169dd7a031f31dc86e184d093c05d364f4126f48488ca1a28173513f2744d99a4d1dbd2d0e1
-
SSDEEP
6144:mkBiXJj6sHMk3THl3rAOptu9A1ivMB5BkoYcjUJ25:mkBimssSl3rIuivMrYJ25
Malware Config
Targets
-
-
Target
d30b690fa77ccfe91961e836fa3b3588_JaffaCakes118
-
Size
331KB
-
MD5
d30b690fa77ccfe91961e836fa3b3588
-
SHA1
9362e2b0a434b3e6e43a3d1a0abe3d7a4df63674
-
SHA256
63d0a1686fada50d4f2e1a8d1450608f91f2ad190fd2b9897e1f1137fdd94c60
-
SHA512
a047d1ce6d41fefc878dcf2d1587c3f52ebfd58cb101716072aed169dd7a031f31dc86e184d093c05d364f4126f48488ca1a28173513f2744d99a4d1dbd2d0e1
-
SSDEEP
6144:mkBiXJj6sHMk3THl3rAOptu9A1ivMB5BkoYcjUJ25:mkBimssSl3rIuivMrYJ25
Score10/10-
GandCrab payload
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Gandcrab family
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-