abaaf81a4519d27ad0d9083df40da994555f262c0b89a45193c5f94c7d534dd4 | Triage

Sharing

General

Target

025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118
Size

276KB
Sample

240427-ef13eabc5x
MD5

025cd026448c2959e6d9d6df9abb01c5
SHA1

fdce4cf20b4b56ec9813a2e6deb6bd42398fe6ef
SHA256

abaaf81a4519d27ad0d9083df40da994555f262c0b89a45193c5f94c7d534dd4
SHA512

5fd08f32ecc01cf7fd99a6d6f264f063e06ec89b36e3024b84910a77069c81f3409a25a23064378e92197e2ede5fda6c6777305b74de93982fc7a91fae540ba0
SSDEEP

3072:aPP3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBPL:WIlKgzelZNQSBQGH/CSpWqTx

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  025cd026448c2959e6d9d6df9abb01c5_JaffaCakes118
- Size
  
  276KB
- MD5
  
  025cd026448c2959e6d9d6df9abb01c5
- SHA1
  
  fdce4cf20b4b56ec9813a2e6deb6bd42398fe6ef
- SHA256
  
  abaaf81a4519d27ad0d9083df40da994555f262c0b89a45193c5f94c7d534dd4
- SHA512
  
  5fd08f32ecc01cf7fd99a6d6f264f063e06ec89b36e3024b84910a77069c81f3409a25a23064378e92197e2ede5fda6c6777305b74de93982fc7a91fae540ba0
- SSDEEP
  
  3072:aPP3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBPL:WIlKgzelZNQSBQGH/CSpWqTx
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2