Resubmissions

19/11/2024, 07:57

241119-js983axkdk 10

19/11/2024, 07:31

241119-jcn1ws1grh 3

28/04/2024, 10:59

240428-m3djmaed4s 3

General

  • Target

    Hakuna Matata 2.3.exe

  • Size

    357KB

  • Sample

    241119-js983axkdk

  • MD5

    9cb647e411fae3e3e22733ae173f001f

  • SHA1

    e9c7fecfced3970cef907391445376a63145141e

  • SHA256

    75d671aaef845011c6bb680b9ed4259b79711a57d6f35ded3577b321efa6cee4

  • SHA512

    471f37d1a921f5c5bc9413f16817df87ae3eb8ca80ef24dc1152e16d1a24d28299f5c83cf9f1ecde0a2c23a56f18ed139283429360819a37bca58b7f7a98ecad

  • SSDEEP

    3072:iveEBobbtsHkrXPF5mRPSW1NtdRG99992222J99992222pgGhg+HxVTijY29999C:iveEBobb3GKxHxVTL

Score
10/10

Malware Config

Extracted

Path

C:\Users\Admin\Documents\Readme.txt

Ransom Note
--- What happened? ---
All of your files are encrypted and stolen. Stolen data will be published soon on our tor website. There is no way to recover your data and prevent data leakage without us Decryption is not possible without private key. Don't waste your and our time to recover your files. It is impossible without our help
--- How to recover files & prevent leakage? ---
To make sure that we REALLY CAN recover your data - we offer FREE DECRYPTION for warranty. We promise that you can recover all your files safely and prevent data leakage. We can do it!
--- Contact Us---
Your contact information

Targets

    • Target

      Hakuna Matata 2.3.exe

    Score
    10/10
    • Renames multiple (106) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Adds Run key to start application

    • Sets desktop wallpaper using registry
