jackpot | ff68685fdcd4c84426418963ce5cb961775419863cd02e8f2f69c6d46b3d134c

General

Target

jackpot_http.exe
Size

10.6MB
Sample

200828-bp3h8w1n2s
MD5

a542cbb17361195e396a3746a542ad9f
SHA1

a4c3b95f504516f87ed08e6705c52322f2f739e3
SHA256

ff68685fdcd4c84426418963ce5cb961775419863cd02e8f2f69c6d46b3d134c
SHA512

70ae63bc384f610656d3118cbde2e7b039f352352eb374e96d1c381eef9af0e662bdf7ce42671760a7926a7883aed001189ed9dd16265ab68175d6ac7cf4f321

Score

10^/10

jackpot ransomware

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\payment request.txt

Family

jackpot

Ransom Note

.$$$ $$$$ .$$$$ $$$: $$$ ~$$$$$= $$$$ $$$$$$ .$$$ $$$$ .$$$$$ $$$: $$$ I$$$$$$$ $$$$$$ $$$$$$ .$$$ ~$$$$, $$$7 $$$:$$$. I$$ $$$ $$$ $$$ $$$? .$$$ $$$$$$ $$$ $$$:$$$ I$$ $$$ $$$ $$$ $$$? .$$$ $$I$$$ $$$ $$$$$$ I$$$$$$ $$$ $$$ $$$? .$$$ .$$ $$$ $$$ $$$:$$$ I$$$$ $$$ $$$ $$$? .$$$ I$$ 7$$+ $$$, $$$:$$$. I$$? $$$ $$$ $$$? .$$$ $$$$$$$$ $$$$ $$$:+$$$ I$$? +$$$$$$ $$$? .$$$ $$$ $$$. $$$$ $$$: $$$ I$$? $$$$$$ $$$? .$$$7 .$$$. .++++++++++++++. .+++++++++++++++. .+++++++++++++. $ 7$..~$$$$,.. ,7 $ ..$. .$ .$ $ . . $ $ . $7I. ..,$$ $ $ :$$$$$$$$$$$I $ $ $$$$7. I $ . $..$ $.:$~ $$.$$$ $I $ $ ,$ .$ I $ .. $ $.:$ .$ =$ .$I $ $ .$7.7$7$$$$=. I $ 7$$$$. $ $.:$. $$ :$, $I $ $ =.. . $?7.I $ ~$7 ,$$ $ $.:$ .$ .=$ $I $ $ ... I $ .$: .$. $ $.:$$$$$$$$$$$I $ $ I $ .$ $. $ $ $ $ $$$$$$ I $ $$$$$$$$$$$$ $ $ $ $ .$= . $$. I $ .$$$$$7$$$$$$ $ $ . $ $ $$ $$. I $ .$..$$..$ .$$ $ $ $.$$.$. $ $ $I .$$ I $ .$ .$$ ,$ .$$ $ $ 7$$ .7$$. $ $ .$$$$$$$$$$$$.I $ .$. $7. $. I$ $ $ .~. I$ .,. $ $ .$$ $$?~$$.$$ I $ .$7,$$ $$$.$$ $ $ ? . . ~ . $ $ .$ .$$ .$. ,$ I $ .$$$$$$$$$$$$.$ $ $. $ $ $ .$$ $$ .$$ .$ I $ . $ $ I7 $$ $ $ .$ $$ .$...$ I $ ..77$7 $ $ $ $ .$$7$$7$$$7$$ I $ .$.. ..$. $ $ $ $ I $ ~$7$$$=$$$ $ $ $$$$ $ $ I $ $.$$.$7?7 $ $ $ $$... $ $ $$.?$+ $ '++++++++++++++' '+++++++++++++++' '+++++++++++++++' All your important files are encrypted. To decrypt your files, pay 1 BTC ~= 6.436 USD to the BitCoin address: nf4jyHeft8yck8oafplNgRQUIOgAzBKSZW

Wallets

nf4jyHeft8yck8oafplNgRQUIOgAzBKSZW

Extracted

Path

C:\Users\Admin\Desktop\payment request.txt

Family

jackpot

Ransom Note

.$$$ $$$$ .$$$$ $$$: $$$ ~$$$$$= $$$$ $$$$$$ .$$$ $$$$ .$$$$$ $$$: $$$ I$$$$$$$ $$$$$$ $$$$$$ .$$$ ~$$$$, $$$7 $$$:$$$. I$$ $$$ $$$ $$$ $$$? .$$$ $$$$$$ $$$ $$$:$$$ I$$ $$$ $$$ $$$ $$$? .$$$ $$I$$$ $$$ $$$$$$ I$$$$$$ $$$ $$$ $$$? .$$$ .$$ $$$ $$$ $$$:$$$ I$$$$ $$$ $$$ $$$? .$$$ I$$ 7$$+ $$$, $$$:$$$. I$$? $$$ $$$ $$$? .$$$ $$$$$$$$ $$$$ $$$:+$$$ I$$? +$$$$$$ $$$? .$$$ $$$ $$$. $$$$ $$$: $$$ I$$? $$$$$$ $$$? .$$$7 .$$$. .++++++++++++++. .+++++++++++++++. .+++++++++++++. $ 7$..~$$$$,.. ,7 $ ..$. .$ .$ $ . . $ $ . $7I. ..,$$ $ $ :$$$$$$$$$$$I $ $ $$$$7. I $ . $..$ $.:$~ $$.$$$ $I $ $ ,$ .$ I $ .. $ $.:$ .$ =$ .$I $ $ .$7.7$7$$$$=. I $ 7$$$$. $ $.:$. $$ :$, $I $ $ =.. . $?7.I $ ~$7 ,$$ $ $.:$ .$ .=$ $I $ $ ... I $ .$: .$. $ $.:$$$$$$$$$$$I $ $ I $ .$ $. $ $ $ $ $$$$$$ I $ $$$$$$$$$$$$ $ $ $ $ .$= . $$. I $ .$$$$$7$$$$$$ $ $ . $ $ $$ $$. I $ .$..$$..$ .$$ $ $ $.$$.$. $ $ $I .$$ I $ .$ .$$ ,$ .$$ $ $ 7$$ .7$$. $ $ .$$$$$$$$$$$$.I $ .$. $7. $. I$ $ $ .~. I$ .,. $ $ .$$ $$?~$$.$$ I $ .$7,$$ $$$.$$ $ $ ? . . ~ . $ $ .$ .$$ .$. ,$ I $ .$$$$$$$$$$$$.$ $ $. $ $ $ .$$ $$ .$$ .$ I $ . $ $ I7 $$ $ $ .$ $$ .$...$ I $ ..77$7 $ $ $ $ .$$7$$7$$$7$$ I $ .$.. ..$. $ $ $ $ I $ ~$7$$$=$$$ $ $ $$$$ $ $ I $ $.$$.$7?7 $ $ $ $$... $ $ $$.?$+ $ '++++++++++++++' '+++++++++++++++' '+++++++++++++++' All your important files are encrypted. To decrypt your files, pay 1 BTC ~= 6.436 USD to the BitCoin address: b3ceNgafxihd6gcyVC6mlDae2IXZ8AROzu

Wallets

b3ceNgafxihd6gcyVC6mlDae2IXZ8AROzu

Targets

- Target
  
  jackpot_http.exe
- Size
  
  10.6MB
- MD5
  
  a542cbb17361195e396a3746a542ad9f
- SHA1
  
  a4c3b95f504516f87ed08e6705c52322f2f739e3
- SHA256
  
  ff68685fdcd4c84426418963ce5cb961775419863cd02e8f2f69c6d46b3d134c
- SHA512
  
  70ae63bc384f610656d3118cbde2e7b039f352352eb374e96d1c381eef9af0e662bdf7ce42671760a7926a7883aed001189ed9dd16265ab68175d6ac7cf4f321
Score

10^/10

ransomware jackpot
- Jackpot Ransomware
  Simple ransomware first seen in early 2020.
  ransomware jackpot
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Jackpot Ransomware

Modifies extensions of user files

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2