General
-
Target
b8342724cf08a6d90a9157121e14cb91_JaffaCakes118
-
Size
185KB
-
Sample
240617-ms1w6s1ejq
-
MD5
b8342724cf08a6d90a9157121e14cb91
-
SHA1
5916a0e93e23f5688200597380f8fb7c617a802d
-
SHA256
9584e19425fef6278400d9b2173d73b94e247ccd79e4c11904f86b0f83696354
-
SHA512
d6890f21825a8464d22663c06a52fa203b472f07354182df0956128f945b88e79d9ea78c9f24c27bb1222e980a6bfb9647edd9c6d71fed265c766777b64ca91c
-
SSDEEP
3072:F5JL1jtr2Y4zoLvRRNyGokZLSh3b5czJCN6g+RcX5eWMLDmmFPA59xOonPucfSfD:HJL1N20JfXokZ6QskcAWMLim5A5vOAKD
Static task
static1
Behavioral task
behavioral1
Sample
program.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
program.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
program.exe
-
Size
328KB
-
MD5
a1d3ac1589572aaf97cc478769910de0
-
SHA1
3f8532f91b62ce3c3b97cddfec540da9ff041273
-
SHA256
a8fce1cf68294753a4bac38231257f3c7860a080719af8dc8ac5943458059c16
-
SHA512
d80ab2500145dfc74f16321d4fbe25801effe10a2558b7e68138f833033a5434714878f134cf9214ce2485b5b0e8ba5b1c29cfb0cfcf074348a27aa2ac0e0e81
-
SSDEEP
6144:dmWHLy61/yP85HZZptiYrVGrnCZ0g5ksjYYGHh4rCrrRrrFrrPrr5rrrgrrr8rr+:dmAu61/RHTWY5+nCZ0NIYYbrCrrRrrF2
Score
10/10
-
GandCrab payload
-
Unexpected DNS network traffic destination
Network traffic on the DNS port was detected going to servers other than the configured DNS servers.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-