gandcrab | c5f7207e91df735e3863f17bd9e073ee3f1db54f2e42ae05ac0bae0f0bb1efd6 | Triage

Submit
Reports

Overview

overview

Static

static

b3a46cea77...18.exe

windows7-x64

6

b3a46cea77...18.exe

windows10-2004-x64

6

Sharing

General

Target

b3a46cea77846e5d74a4c67aa0b02dd6_JaffaCakes118
Size

69KB
Sample

240616-p9ca9ayarn
MD5

b3a46cea77846e5d74a4c67aa0b02dd6
SHA1

efb1eac3f318973aa562b53cdd10f3751f79ddee
SHA256

c5f7207e91df735e3863f17bd9e073ee3f1db54f2e42ae05ac0bae0f0bb1efd6
SHA512

233d03247b28a65a9245f2daf0bef8be799318eee6d8661294ab6b90dfcdef999b4f92d095ae19256bc4070dd1ea1939b2cb289b7d48910e531535794415a788
SSDEEP

1536:/ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:XBounVyFHpfMqqDL2/Lkvd

Score

10^/10

gandcrab persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b3a46cea77846e5d74a4c67aa0b02dd6_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b3a46cea77846e5d74a4c67aa0b02dd6_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  b3a46cea77846e5d74a4c67aa0b02dd6_JaffaCakes118
- Size
  
  69KB
- MD5
  
  b3a46cea77846e5d74a4c67aa0b02dd6
- SHA1
  
  efb1eac3f318973aa562b53cdd10f3751f79ddee
- SHA256
  
  c5f7207e91df735e3863f17bd9e073ee3f1db54f2e42ae05ac0bae0f0bb1efd6
- SHA512
  
  233d03247b28a65a9245f2daf0bef8be799318eee6d8661294ab6b90dfcdef999b4f92d095ae19256bc4070dd1ea1939b2cb289b7d48910e531535794415a788
- SSDEEP
  
  1536:/ZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:XBounVyFHpfMqqDL2/Lkvd
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy