Overview

overview

10

Static

static

10

b1c7520300...18.exe

windows7-x64

6

b1c7520300...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b1c752030026da954e795d934eb57567_JaffaCakes118

  • Size

    69KB

  • Sample

    240616-fc4jsszfqa

  • MD5

    b1c752030026da954e795d934eb57567

  • SHA1

    480940581d345eee0ecae1bf56e0a3b830a459a0

  • SHA256

    d1c1502c3c7267f83258b9c091aeff70447f0a58cd1d4d0db1611229e8b8fcf9

  • SHA512

    d4b641fb179af0d4c57db0b5f7ca1f436dd784cc378c24fa39dfd2819671e9c74698f930caf6338fe63e1b41fad2376855c712dcffb205f4aa3a6b2a2681c7ef

  • SSDEEP

    1536:4ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:2BounVyFHpfMqqDL2/Lkvd

Score
10/10
gandcrabpersistence

Malware Config

Targets

    • Target

      b1c752030026da954e795d934eb57567_JaffaCakes118

    • Size

      69KB

    • MD5

      b1c752030026da954e795d934eb57567

    • SHA1

      480940581d345eee0ecae1bf56e0a3b830a459a0

    • SHA256

      d1c1502c3c7267f83258b9c091aeff70447f0a58cd1d4d0db1611229e8b8fcf9

    • SHA512

      d4b641fb179af0d4c57db0b5f7ca1f436dd784cc378c24fa39dfd2819671e9c74698f930caf6338fe63e1b41fad2376855c712dcffb205f4aa3a6b2a2681c7ef

    • SSDEEP

      1536:4ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:2BounVyFHpfMqqDL2/Lkvd

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks