General
-
Target
371d9ae01acc0e04fa5c8deb2955b94c_JaffaCakes118
-
Size
518KB
-
Sample
240511-3h4s3sea9z
-
MD5
371d9ae01acc0e04fa5c8deb2955b94c
-
SHA1
45cc3b5091472fb10a55536efb9be38cd7d52eee
-
SHA256
7ebd9695846026c58253f7510050a65f35addec806ba5077efe4968643bdd965
-
SHA512
0b05afdd7c97c0e8d56df09bf37a45f805d3320594e3bb7ce896f7df5a0f898e7b9794c40c1cd442aea495ab52c8736c577b1c23dc400ca15045468ab69c113b
-
SSDEEP
12288:hVRm47ugq9QLXzNWVn4Fkl6BQ2yLhxPtIS4GudgBXllbXtdj:hVzzzjNO4FkUQ2yL7PtIdGudqlb9dj
Static task
static1
Behavioral task
behavioral1
Sample
371d9ae01acc0e04fa5c8deb2955b94c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
371d9ae01acc0e04fa5c8deb2955b94c_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
371d9ae01acc0e04fa5c8deb2955b94c_JaffaCakes118
Score 10/10
-
Locky (Lukitus variant)
Variant of the Locky ransomware seen in the wild since late 2017.
-
Deletes itself
-
Adds Run key to start application
-
Sets desktop wallpaper using registry
-