Overview

overview

10

Static

static

10

b2e7fdf62a...18.exe

windows7-x64

6

b2e7fdf62a...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b2e7fdf62ac4ab59b882ef6944628a92_JaffaCakes118

  • Size

    70KB

  • Sample

    240616-l1pnfasgpl

  • MD5

    b2e7fdf62ac4ab59b882ef6944628a92

  • SHA1

    a9b96e7bcb37c207143a26d450745bf526050d02

  • SHA256

    650491d70fa834b691e6100033ea5979a5282a270cafd53b1ba8390fa57df9a0

  • SHA512

    ef52472b6ffb2f9aefb84da62f9e50352af097f72c7894e26cbeb3c352f12473e8dc1f2667bc1310668c6151a0de73651b86dae5cb3b7231e683d7babc53f22c

  • SSDEEP

    1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:rd5BJHMqqDL2/Ovvdr

Score
10/10
gandcrabpersistence

Malware Config

Targets

    • Target

      b2e7fdf62ac4ab59b882ef6944628a92_JaffaCakes118

    • Size

      70KB

    • MD5

      b2e7fdf62ac4ab59b882ef6944628a92

    • SHA1

      a9b96e7bcb37c207143a26d450745bf526050d02

    • SHA256

      650491d70fa834b691e6100033ea5979a5282a270cafd53b1ba8390fa57df9a0

    • SHA512

      ef52472b6ffb2f9aefb84da62f9e50352af097f72c7894e26cbeb3c352f12473e8dc1f2667bc1310668c6151a0de73651b86dae5cb3b7231e683d7babc53f22c

    • SSDEEP

      1536:UZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:rd5BJHMqqDL2/Ovvdr

    Score
    6/10
    persistence

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks