gandcrab | 4b7878ae9e3fd4f60c031323eae7a77ae3e049e15bfb10edf66e9f29c312a5ad | Triage

Submit
Reports

Overview

overview

Static

static

b7745b842e...18.exe

windows7-x64

6

b7745b842e...18.exe

windows10-2004-x64

6

Sharing

General

Target

b7745b842e98ee8026f246788647c448_JaffaCakes118
Size

70KB
Sample

240617-jk28gsvdlr
MD5

b7745b842e98ee8026f246788647c448
SHA1

1cb749b503127596ecd72cdf156ddca144e3a953
SHA256

4b7878ae9e3fd4f60c031323eae7a77ae3e049e15bfb10edf66e9f29c312a5ad
SHA512

84831f9b254e0638b9e87831679fb0348d41c2198a4c7a40e57a0fc302b19fd2bad513193f9bacd200cad46d262772f953dbdd8eab547899929d2b7cd1f88ec7
SSDEEP

1536:2ZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:ld5BJHMqqDL2/Ovvdr

Score

10^/10

gandcrab persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b7745b842e98ee8026f246788647c448_JaffaCakes118.exe

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7745b842e98ee8026f246788647c448_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  b7745b842e98ee8026f246788647c448_JaffaCakes118
- Size
  
  70KB
- MD5
  
  b7745b842e98ee8026f246788647c448
- SHA1
  
  1cb749b503127596ecd72cdf156ddca144e3a953
- SHA256
  
  4b7878ae9e3fd4f60c031323eae7a77ae3e049e15bfb10edf66e9f29c312a5ad
- SHA512
  
  84831f9b254e0638b9e87831679fb0348d41c2198a4c7a40e57a0fc302b19fd2bad513193f9bacd200cad46d262772f953dbdd8eab547899929d2b7cd1f88ec7
- SSDEEP
  
  1536:2ZZZZZZZZZZZZpXzzzzzzzzzzzzADypczUk+lkZJngWMqqU+2bbbAV2/S2OvvdZl:ld5BJHMqqDL2/Ovvdr
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy