General
-
Target
6ff6d5f4c066ad2fc4bd95a3d1ada270_JaffaCakes118
-
Size
7KB
-
Sample
241023-vlpvbs1cph
-
MD5
6ff6d5f4c066ad2fc4bd95a3d1ada270
-
SHA1
f2ef52519bdd03cf6543873299235fb3fdf9bfa1
-
SHA256
cb801b4e6ea5f6c1edbff58080c16f5c37369c26acf1e16304ace83aa240e366
-
SHA512
fcdbac84668c8a6a50f29f1b091f24446bb3e180edeaf1e814542565cdeecd38e1d5d08000786958f9b4a2995140d2696440df3635b00f8ead580086dccc0b4d
-
SSDEEP
96:lgRZhl8wdS+r3yOYW189fTwUVF0CWHyjk8P1LOmjXfihEx5vL8SlB2aEPINBXlq4:mRzdrr1FG1WDCgmjPZT/2apNVlxGMUA
Behavioral task
behavioral1
Sample
6ff6d5f4c066ad2fc4bd95a3d1ada270_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Targets
Target
6ff6d5f4c066ad2fc4bd95a3d1ada270_JaffaCakes118
-
Detected Xorist Ransomware
-
Renames multiple (2215) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops file in System32 directory
-