General
-
Target
b8d0e648c8b3f0669097c324fd7c0726_JaffaCakes118
-
Size
73KB
-
Sample
240617-qkbh4awgmm
-
MD5
b8d0e648c8b3f0669097c324fd7c0726
-
SHA1
e260554dad0a293034f87374a4d9fb2a93a498f2
-
SHA256
46d4c27669a4f6caca5883b30e5658cc2e952479a21d269decb8c41e5dd817ff
-
SHA512
80c7179986c6ecc932f728511168a20f5903221acc50f7b572c4ce8f36cacd8eaa7d8b6b748edfd0178fb81b95d8e31b7ee1c0740b0d07d611451d82bd8fffb9
-
SSDEEP
1536:755u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:HMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h
Malware Config
Extracted
gandcrab
http://gdcbghvjyqy7jclk.onion.top/
Targets
-
-
Target
b8d0e648c8b3f0669097c324fd7c0726_JaffaCakes118
-
Size
73KB
-
MD5
b8d0e648c8b3f0669097c324fd7c0726
-
SHA1
e260554dad0a293034f87374a4d9fb2a93a498f2
-
SHA256
46d4c27669a4f6caca5883b30e5658cc2e952479a21d269decb8c41e5dd817ff
-
SHA512
80c7179986c6ecc932f728511168a20f5903221acc50f7b572c4ce8f36cacd8eaa7d8b6b748edfd0178fb81b95d8e31b7ee1c0740b0d07d611451d82bd8fffb9
-
SSDEEP
1536:755u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:HMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h
Score6/10-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-