General
Target: 45f9c9052ac71cc829ab548215e9bad0_JaffaCakes118
Size: 23KB
Sample: 241015-fn9j7awenc
MD5: 45f9c9052ac71cc829ab548215e9bad0
SHA1: 9297c7c81fa4ba1797897156afff1e1e9bd3064c
SHA256: b3de64e53dd3864d6499a60867e036424f9f93e9837edaae22e0505b765536a1
SHA512: 0f1548a9e26ccbab7c5c40ae8da456538d4b6b730b26fc0d5b5081afe17a752901a2f43921067bd0e771f8f86e89ea9644b3e46317935cbb7238227784f32510
SSDEEP: 384:SebFNw4Pk1itKkpAjjI2Ypdm9LGSFQAKDNlzi8TFtp5Rlsd9xG67mM:S0FmBkpKjPYpWD58vn2H
Behavioral task: behavioral1
Sample: 45f9c9052ac71cc829ab548215e9bad0_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 45f9c9052ac71cc829ab548215e9bad0_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 45f9c9052ac71cc829ab548215e9bad0_JaffaCakes118
Score: 9/10
- Renames multiple (2154) files with added filename extension. This suggests ransomware activity of encrypting all the files on the system.
- Drops file in Drivers directory
- Drops startup file
- Adds Run key to start application
- Drops file in System32 directory
- Sets desktop wallpaper using registry