a7c88664fac921577e23dbe47c0c54c02ca5547dc08e2e30699c88c65925d293 | Triage

Sharing

General

Target

0d45d1ea4e964ba3972ce75275016300_JaffaCakes118
Size

104KB
Sample

241003-bqn9ta1bpb
MD5

0d45d1ea4e964ba3972ce75275016300
SHA1

d16c78b856fd16d1bc60b467f52485132e931d45
SHA256

a7c88664fac921577e23dbe47c0c54c02ca5547dc08e2e30699c88c65925d293
SHA512

6b68e6dd3c25098171a98498e64780a123e1fd700e50531fe54cc74a1d0760119b5e0a0966ea7d705b9ada4443b820375efd8275870ae68467e54876290b3049
SSDEEP

1536:hmLQ0OuM95MM80qXKFPaIkxIGNJI8ynDnAuonyvs2CdbNElheueaAL6GL:hmpaGOwysN7yEuonyvPCVNUw6

Score

8^/10

discovery evasion ransomware

Malware Config

Targets

- Target
  
  0d45d1ea4e964ba3972ce75275016300_JaffaCakes118
- Size
  
  104KB
- MD5
  
  0d45d1ea4e964ba3972ce75275016300
- SHA1
  
  d16c78b856fd16d1bc60b467f52485132e931d45
- SHA256
  
  a7c88664fac921577e23dbe47c0c54c02ca5547dc08e2e30699c88c65925d293
- SHA512
  
  6b68e6dd3c25098171a98498e64780a123e1fd700e50531fe54cc74a1d0760119b5e0a0966ea7d705b9ada4443b820375efd8275870ae68467e54876290b3049
- SSDEEP
  
  1536:hmLQ0OuM95MM80qXKFPaIkxIGNJI8ynDnAuonyvs2CdbNElheueaAL6GL:hmpaGOwysN7yEuonyvPCVNUw6
Score

8^/10

discovery evasion ransomware
- Disables Task Manager via registry modification
  evasion
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoveryevasionransomware

behavioral2

discoveryevasionransomware