General
Target: a410188cf459e3beb5be623f1dc1ab75_JaffaCakes118
Size: 517KB
Sample: 240613-gjbm2azfrk
MD5: a410188cf459e3beb5be623f1dc1ab75
SHA1: 85615da588fe978d82c6bc06e2b0d7db58a4f913
SHA256: 509b7eacb051087d49d9357c354532cf1561f065f11d0c2b6bc24f53fb255e2e
SHA512: a28a42ce5ecca6b6be0068083c7fba49c76050a0e6dd92b801a0fed281140679cf0b74353c3de2298dcb2e6bf906492d9ded6be080c7c3a81472d3ee0f0e9347
SSDEEP: 12288:zVRm47ugq9QLXzNWVn4Fkl6BQ2yLhxPtIS4GudgBXllbXtdj:zVzzzjNO4FkUQ2yL7PtIdGudqlb9dj
Static task: static1
Behavioral task: behavioral1
Sample: a410188cf459e3beb5be623f1dc1ab75_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a410188cf459e3beb5be623f1dc1ab75_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: a410188cf459e3beb5be623f1dc1ab75_JaffaCakes118
Locky (Lukitus variant): Variant of the Locky ransomware seen in the wild since late 2017.
Deletes shadow copies: Ransomware often targets backup files to inhibit system recovery.
Deletes itself
Sets desktop wallpaper using registry