2b9949889dd265aa85dd7712d7b8344832dcb6ee03574aab23cee91ff68557de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

075fde76356266570e4801a1f0e852ae_JaffaCakes118
Size

53KB
Sample

240624-j2rhbawajm
MD5

075fde76356266570e4801a1f0e852ae
SHA1

c6fa790f37e0a30b1c6cc9014fefc9164adc8a16
SHA256

2b9949889dd265aa85dd7712d7b8344832dcb6ee03574aab23cee91ff68557de
SHA512

4cff70eff3f0d4c6df0b05d6b6de916e86d0b8575858ef925932d27214756afce0cc5d621bb93934d24ee5aa4ee54a2fba808e4098d8beb360a1682d6b3ccee4
SSDEEP

1536:7C7UjgsIAgRR5UjLSXIcO7GWJStlY27VqmSVzyqYvd0bRPp24dfG+2yz5+eBGF3k:7/jLaRujOXIcODStlY27VqmSVzyqYvd2

Score

9^/10

ransomware

Malware Config

Targets

- Target
  
  075fde76356266570e4801a1f0e852ae_JaffaCakes118
- Size
  
  53KB
- MD5
  
  075fde76356266570e4801a1f0e852ae
- SHA1
  
  c6fa790f37e0a30b1c6cc9014fefc9164adc8a16
- SHA256
  
  2b9949889dd265aa85dd7712d7b8344832dcb6ee03574aab23cee91ff68557de
- SHA512
  
  4cff70eff3f0d4c6df0b05d6b6de916e86d0b8575858ef925932d27214756afce0cc5d621bb93934d24ee5aa4ee54a2fba808e4098d8beb360a1682d6b3ccee4
- SSDEEP
  
  1536:7C7UjgsIAgRR5UjLSXIcO7GWJStlY27VqmSVzyqYvd0bRPp24dfG+2yz5+eBGF3k:7/jLaRujOXIcODStlY27VqmSVzyqYvd2
Score

9^/10

ransomware
- Renames multiple (268) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2