General
-
Target
ea5da2ef56e03e4f999cf71ca7dd10c3_JaffaCakes118
-
Size
94KB
-
Sample
240919-b78d1svcja
-
MD5
ea5da2ef56e03e4f999cf71ca7dd10c3
-
SHA1
768f2f9d718fe3d45073fef1194f8017f85f9570
-
SHA256
a3cb28186df9ff5005caca9de243283245c1fae2962d564d02cd7bfcaba9dd03
-
SHA512
3ffe43b569b50405e7322741cef49ff9c49ba39e76fa68d44d3870de25b9301df4e365220df81ff482d63ed0b6d89b47eb8cadebd06449f20e65cbcbdef6afaa
-
SSDEEP
1536:qUWfaEiAaxykxSOyf7dfEfblaBterxVEqtF/HYc1DNXhk64cwVqn7Vb0c7x+CHQl:iiE9a3Qd8fZSerHD/nXhj4ckq7ZtjQks
Malware Config
Targets
-
-
Target
ea5da2ef56e03e4f999cf71ca7dd10c3_JaffaCakes118
-
Size
94KB
-
MD5
ea5da2ef56e03e4f999cf71ca7dd10c3
-
SHA1
768f2f9d718fe3d45073fef1194f8017f85f9570
-
SHA256
a3cb28186df9ff5005caca9de243283245c1fae2962d564d02cd7bfcaba9dd03
-
SHA512
3ffe43b569b50405e7322741cef49ff9c49ba39e76fa68d44d3870de25b9301df4e365220df81ff482d63ed0b6d89b47eb8cadebd06449f20e65cbcbdef6afaa
-
SSDEEP
1536:qUWfaEiAaxykxSOyf7dfEfblaBterxVEqtF/HYc1DNXhk64cwVqn7Vb0c7x+CHQl:iiE9a3Qd8fZSerHD/nXhj4ckq7ZtjQks
Score9/10-
Renames multiple (215) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-