751b20cde6115909091fe3f8678445202b3dc5082441c19508152d635cbff6cf | Triage

Sharing

General

Target

JaffaCakes118_017b2cd27844e65918619a70bf51c005
Size

104KB
Sample

250111-2gmyhavnbl
MD5

017b2cd27844e65918619a70bf51c005
SHA1

c4d0faffc5780d1228f2b1d47094937085131db4
SHA256

751b20cde6115909091fe3f8678445202b3dc5082441c19508152d635cbff6cf
SHA512

ea76fd81ea6b3f95e717b68482d1be3f8c97843eb5dbcb9bbc4d1f522a71c9e96a1605e5f5a4270639be2e47b4dc1bfa9612975303e23316e7221691abe49daf
SSDEEP

1536:jrcImRjJEaFtho6n4/DggkrXlwwNdBempwGcA7Vc7+eUb:XcxRaa1o/EfrXbN3eaNcu+aeU

Score

8^/10

discovery evasion ransomware

Malware Config

Targets

- Target
  
  JaffaCakes118_017b2cd27844e65918619a70bf51c005
- Size
  
  104KB
- MD5
  
  017b2cd27844e65918619a70bf51c005
- SHA1
  
  c4d0faffc5780d1228f2b1d47094937085131db4
- SHA256
  
  751b20cde6115909091fe3f8678445202b3dc5082441c19508152d635cbff6cf
- SHA512
  
  ea76fd81ea6b3f95e717b68482d1be3f8c97843eb5dbcb9bbc4d1f522a71c9e96a1605e5f5a4270639be2e47b4dc1bfa9612975303e23316e7221691abe49daf
- SSDEEP
  
  1536:jrcImRjJEaFtho6n4/DggkrXlwwNdBempwGcA7Vc7+eUb:XcxRaa1o/EfrXbN3eaNcu+aeU
Score

8^/10

discovery evasion ransomware
- Disables Task Manager via registry modification
  evasion
- Deletes itself
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoveryevasionransomware

behavioral2

discoveryevasionransomware