General

  • Target

    683cf9bccccf3ab30d8655e0fc3996f6_JaffaCakes118

  • Size

    615KB

  • Sample

    240522-xb4lvacd99

  • MD5

    683cf9bccccf3ab30d8655e0fc3996f6

  • SHA1

    cce97b2446f962df6df17785bcbae3d8283cf523

  • SHA256

    73cd7a019317b2cabbe269e5afc88b1fcd0508797a7eef4e9f9d3cdc1840fb4d

  • SHA512

    4d7a45db319a9e3f5fe14720b9bf2079a128167e5bdbd7ea19a2b5649b215c89076a1fb3a7ff51fdad327702001c02e24add3f2e85ec977140d883b663a88135

  • SSDEEP

    12288:HBRpTekU9TDkYwXkqqem+1tom7OxiWwHI1DRJ5hTBH41CXYXHSe2:HVTLUJQua2wo1DRJX1shHF

Malware Config

Targets

    • Target

      683cf9bccccf3ab30d8655e0fc3996f6_JaffaCakes118

    • Size

      615KB

    • MD5

      683cf9bccccf3ab30d8655e0fc3996f6

    • SHA1

      cce97b2446f962df6df17785bcbae3d8283cf523

    • SHA256

      73cd7a019317b2cabbe269e5afc88b1fcd0508797a7eef4e9f9d3cdc1840fb4d

    • SHA512

      4d7a45db319a9e3f5fe14720b9bf2079a128167e5bdbd7ea19a2b5649b215c89076a1fb3a7ff51fdad327702001c02e24add3f2e85ec977140d883b663a88135

    • SSDEEP

      12288:HBRpTekU9TDkYwXkqqem+1tom7OxiWwHI1DRJ5hTBH41CXYXHSe2:HVTLUJQua2wo1DRJX1shHF

    • Locky (Lukitus variant)

      Variant of the Locky ransomware seen in the wild since late 2017.

    • Deletes itself

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks