General
-
Target
56a19e5b14e69a5026c51d53198ad0bf_JaffaCakes118
-
Size
39KB
-
Sample
241018-k9jccayfjc
-
MD5
56a19e5b14e69a5026c51d53198ad0bf
-
SHA1
5eb79a58f2ec1681a91299fe924e476ee7ce23b1
-
SHA256
4c3a79e665b140217270e151cfbed8144b843e88fa0944caaea64ac6d880baf8
-
SHA512
a14970cdc5359199c58e555b506ce6ef15c2edbb7ce9b12b40f3ba7059527ab9e66421a78aafcbd8ae2f58908d1d070bfc7ab552e97b67b7c642e425bda92b35
-
SSDEEP
384:jrFjn2LitKkpArp6lrzF6qYvjSEtVHEF8VuPMB:jIDkpypAY7/xnVD
Behavioral task
behavioral1
Sample
56a19e5b14e69a5026c51d53198ad0bf_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
56a19e5b14e69a5026c51d53198ad0bf_JaffaCakes118
-
Detected Xorist Ransomware
-
Renames multiple (2197) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops file in System32 directory
-