gandcrab | ba6df258ab456ae1f6cf034fa3e675e5199fbc6ef7a8b575345bb7691eed1e76 | Triage

Submit
Reports

Overview

overview

Static

static

b62e846260...18.exe

windows7-x64

6

b62e846260...18.exe

windows10-2004-x64

6

Sharing

General

Target

b62e84626017076510ecca5f0cd82d7f_JaffaCakes118
Size

69KB
Sample

240617-bwvc1sscpq
MD5

b62e84626017076510ecca5f0cd82d7f
SHA1

b674190c48e7c771c0fe6d61cbd1edcd3947e8b3
SHA256

ba6df258ab456ae1f6cf034fa3e675e5199fbc6ef7a8b575345bb7691eed1e76
SHA512

480cf7d028547981b75d6fa9e71aa9511262ad7e171e2dac9136bba0cf36067aae488abdd813990162fc26789c40edb7ca34a0937abcc612d70d5a4398d57cb8
SSDEEP

1536:KZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:8BounVyFHpfMqqDL2/Lkvd

Score

10^/10

gandcrab persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b62e84626017076510ecca5f0cd82d7f_JaffaCakes118.exe

Resource

win7-20240611-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b62e84626017076510ecca5f0cd82d7f_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  b62e84626017076510ecca5f0cd82d7f_JaffaCakes118
- Size
  
  69KB
- MD5
  
  b62e84626017076510ecca5f0cd82d7f
- SHA1
  
  b674190c48e7c771c0fe6d61cbd1edcd3947e8b3
- SHA256
  
  ba6df258ab456ae1f6cf034fa3e675e5199fbc6ef7a8b575345bb7691eed1e76
- SHA512
  
  480cf7d028547981b75d6fa9e71aa9511262ad7e171e2dac9136bba0cf36067aae488abdd813990162fc26789c40edb7ca34a0937abcc612d70d5a4398d57cb8
- SSDEEP
  
  1536:KZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAwfMqqU+2bbbAV2/S2Lkvd9:8BounVyFHpfMqqDL2/Lkvd
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy