General
-
Target
0fb5388925220accdbb465afa9cf7a36_JaffaCakes118
-
Size
653KB
-
Sample
241003-vcgglazakd
-
MD5
0fb5388925220accdbb465afa9cf7a36
-
SHA1
fffd80615af5d5941d1babdbfc10c3c3b094e38e
-
SHA256
39b5d4d200efa5ebe02aa8ee794daecdbfc63fc1f426afff3aabdc05bd8d43a1
-
SHA512
de4555089d4b9b8160e0368bf205b59e4a13b1e358561f2c94f57cc43c0164d2652b51da69f81cdfa6a1a65000776a89e1b0266de3be47d7922a91a9f1715ea4
-
SSDEEP
1536:YOhHHKaFO1was6dsSrwLX7Zf4BCUrGwLW3382iYN2Mxx8aO2B8:pnUr0X7Zf4BCUKwLg3ViG2Mxx8aX
Behavioral task
behavioral1
Sample
0fb5388925220accdbb465afa9cf7a36_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0fb5388925220accdbb465afa9cf7a36_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
0fb5388925220accdbb465afa9cf7a36_JaffaCakes118
Score
9/10
-
Renames multiple (2188) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-