General
-
Target
3d110ea20dd764f06949a7a1b2bbddb0_JaffaCakes118
-
Size
12KB
-
Sample
241013-bvqnfascld
-
MD5
3d110ea20dd764f06949a7a1b2bbddb0
-
SHA1
77170c681386d3a474d0e07f1a5a9e087e7352c3
-
SHA256
445dcc8517d6fec6d64809e5d5c2864af25129e33ec32818b54cfb3e9dee366e
-
SHA512
3fbf40bc940a7513e14c7f8c76d7bf35c518e5269796c3bee6714814f46c8711f2c876fc884023123180e7b954d002253b8c0c4a9165ef9ef80e817322c40a56
-
SSDEEP
192:PgAFskqaZ3fA805LFbQ5aODDQ413XbTEWMwMDs2ctKw7q+N0Ptsi2DNhB:PgAFsqRY5BM5rDDb1LoWjis1P7z/l
Malware Config
Targets
-
-
Target
3d110ea20dd764f06949a7a1b2bbddb0_JaffaCakes118
-
Size
12KB
-
MD5
3d110ea20dd764f06949a7a1b2bbddb0
-
SHA1
77170c681386d3a474d0e07f1a5a9e087e7352c3
-
SHA256
445dcc8517d6fec6d64809e5d5c2864af25129e33ec32818b54cfb3e9dee366e
-
SHA512
3fbf40bc940a7513e14c7f8c76d7bf35c518e5269796c3bee6714814f46c8711f2c876fc884023123180e7b954d002253b8c0c4a9165ef9ef80e817322c40a56
-
SSDEEP
192:PgAFskqaZ3fA805LFbQ5aODDQ413XbTEWMwMDs2ctKw7q+N0Ptsi2DNhB:PgAFsqRY5BM5rDDb1LoWjis1P7z/l
Score9/10-
Renames multiple (2189) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in System32 directory
-