Overview

overview

10

Static

static

1

94f407e861...18.exe

windows7-x64

10

94f407e861...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94f407e8615ebe091ccf5035197ea1ea_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240604-qckf2agf71

  • MD5

    94f407e8615ebe091ccf5035197ea1ea

  • SHA1

    89c8938057a1b0514e3805536ccf3d2eb4acb1e0

  • SHA256

    14fe0fa7e16253e53ce4c25616e08006ad09330bea8df9161a47b2815cd83067

  • SHA512

    08ec9d99d753e9239d89a9081276329e51adb2d3414447b103eae8dcd21f02dabc86a39abd4f8405cec076dfdc74133796eb4117285add6bd13826de5c99e423

  • SSDEEP

    24576:JAkh6SRcwxbc0x7A2JHQWP5Nx8ubFKD8L1QA/:JAe6Spxb9xc2JHXP3xBpD1Qw

Score
10/10
troldeshdiscoverypersistenceransomwarespywarestealertrojanupx

Malware Config

Targets

    • Target

      94f407e8615ebe091ccf5035197ea1ea_JaffaCakes118

    • Size

      1.1MB

    • MD5

      94f407e8615ebe091ccf5035197ea1ea

    • SHA1

      89c8938057a1b0514e3805536ccf3d2eb4acb1e0

    • SHA256

      14fe0fa7e16253e53ce4c25616e08006ad09330bea8df9161a47b2815cd83067

    • SHA512

      08ec9d99d753e9239d89a9081276329e51adb2d3414447b103eae8dcd21f02dabc86a39abd4f8405cec076dfdc74133796eb4117285add6bd13826de5c99e423

    • SSDEEP

      24576:JAkh6SRcwxbc0x7A2JHQWP5Nx8ubFKD8L1QA/:JAe6Spxb9xc2JHXP3xBpD1Qw

    Score
    10/10
    troldeshdiscoverypersistenceransomwarespywarestealertrojanupx

    • Troldesh, Shade, Encoder.858

      Troldesh is a ransomware spread by malspam.

      ransomwaretrojantroldesh

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks