General
Target: 0ac9c6feed95426d6d3ec9cae396baed_JaffaCakes118
Size: 12KB
Sample: 241002-p82vhsxclr
MD5: 0ac9c6feed95426d6d3ec9cae396baed
SHA1: 8285db1c3d05bbacc18e6851f6163732d9c87f84
SHA256: df35e9e1d54768fd864ba8f9a74b0cacf9e1420845168cef71caae7ce677050c
SHA512: 7fff66e160b3e9ad430bd518874bb5d6d314c90c1e91e8d404f44fb132d3b749c51d698383042f22be1e1baadb375e229d77fa7026e149480d4afd25552730da
SSDEEP: 192:J/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjaGpsHcxUw4h+lfPtRMCZgWOS9Y:JebFNw4Pk1itKkpAjjJs6B40WCyWOh
Behavioral task: behavioral1
Sample: 0ac9c6feed95426d6d3ec9cae396baed_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 0ac9c6feed95426d6d3ec9cae396baed_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 0ac9c6feed95426d6d3ec9cae396baed_JaffaCakes118
Score: 9/10

Renames multiple (2207) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.

Drops file in Drivers directory

Adds Run key to start application

Drops file in System32 directory