General

  • Target

    230606dd8b0d62e2a8a04ef61b2d8707_JaffaCakes118

  • Size

    660KB

  • Sample

    240508-d5ttysbb99

  • MD5

    230606dd8b0d62e2a8a04ef61b2d8707

  • SHA1

    5c50cdad090de913d0c87edeb392c8df1af9f5c3

  • SHA256

    5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f

  • SHA512

    188e08205a38730057c63753451784a499657380cb0384e7d7f9ed9b5c3d60aad8daeae47e125ab22fd23357920bfd79a69423c5f9d733269160a2a7331df77d

  • SSDEEP

    12288:lMtWh23Ks1mQnWattmsbMVSH05SxQiEQ9jmE56:lMtP3p0RzYa+E

Malware Config

Targets

    • Target

      230606dd8b0d62e2a8a04ef61b2d8707_JaffaCakes118

    • Size

      660KB

    • MD5

      230606dd8b0d62e2a8a04ef61b2d8707

    • SHA1

      5c50cdad090de913d0c87edeb392c8df1af9f5c3

    • SHA256

      5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f

    • SHA512

      188e08205a38730057c63753451784a499657380cb0384e7d7f9ed9b5c3d60aad8daeae47e125ab22fd23357920bfd79a69423c5f9d733269160a2a7331df77d

    • SSDEEP

      12288:lMtWh23Ks1mQnWattmsbMVSH05SxQiEQ9jmE56:lMtP3p0RzYa+E

    • Locky (Lukitus variant)

      Variant of the Locky ransomware seen in the wild since late 2017.

    • Deletes itself

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks