General
-
Target
70b0fe3702cbab6ab0c09a775fd6b539_JaffaCakes118
-
Size
796KB
-
Sample
240525-ds1rqscg73
-
MD5
70b0fe3702cbab6ab0c09a775fd6b539
-
SHA1
6b99372b8cc4ceb8ef678c74653e1471f69bc53f
-
SHA256
5d8a701110d58ab7c1aa8bae6bc9d5358b8cd508115891320e6af6c68f3bbd74
-
SHA512
8cbbfe51f93de5c8a075c7a031867a2f5e7b7681aff709b89008f276c9aa5fe74e3fc6865a0fc28550d3a2ec9892de3c5539dfd9b06ab938dcc2ed2e1cc3fd8c
-
SSDEEP
12288:B6bzpTWdzHkaPqtzDQmSKebtX+74EXuJpZFuk+2YeEbv0BP78B:B6h9hzDQnE8SxeEb0Bg
Static task
static1
Behavioral task
behavioral1
Sample
70b0fe3702cbab6ab0c09a775fd6b539_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
70b0fe3702cbab6ab0c09a775fd6b539_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
70b0fe3702cbab6ab0c09a775fd6b539_JaffaCakes118
Score
9/10
-
Renames multiple (8017) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-
Drops startup file
-
Drops desktop.ini file(s)
-