General

  • Target

    885892e7473419cb9809b14f953ead47_JaffaCakes118

  • Size

    107KB

  • Sample

    240811-a6c12sxapj

  • MD5

    885892e7473419cb9809b14f953ead47

  • SHA1

    953201b10f4e5fdeb2b60fba81ba74976ec8c579

  • SHA256

    b22808cba1393abcbe6fca3a9248ab3dc0341149af82399dc3b111016a83e540

  • SHA512

    ae15046c1ef0605642542b9040068e2bcc28451f75dfa55f96022b925286bd8dcfe2b3c3442ce5c052377d6845523ae63e8d710e0d1b0fe428133117c27f7e51

  • SSDEEP

    1536:eS8rkwNrZIyoAJ3Wx6ztQHfGlGgyyx89gCuK3USKaEcD86N0YSWB3fzh6Zj:eS82g38/Xgrc3USK2N0zWB3fzh

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks