General
-
Target
7757b8c71e1bffb96022dddd0fa84fb8_JaffaCakes118
-
Size
7KB
-
Sample
241028-djjrvsyeqf
-
MD5
7757b8c71e1bffb96022dddd0fa84fb8
-
SHA1
2821b0a5eb311010a982c4bef0bdfa025ccec947
-
SHA256
3fa40d13414535a809b97e887b565841230af69a5d49b5fafd7cb31dd70a3d16
-
SHA512
f9dc1d089b755b2a44db352cb02c07acdd48665ed26565590f8a3935fcba89e5002a68f8e5649aa1bc01a5b0add5b2e25f1b9e6bb3c5393f4f481117d59548b1
-
SSDEEP
96:lXZhl8wdS+r3yOYW189fTwUVF0CWHyjk8P1LOmjXfihEx8BDCyp97phPDRMUA:dzdrr1FG1WDCgmjPZ0Dh1LRMUA
Behavioral task
behavioral1
Sample
7757b8c71e1bffb96022dddd0fa84fb8_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7757b8c71e1bffb96022dddd0fa84fb8_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
7757b8c71e1bffb96022dddd0fa84fb8_JaffaCakes118
-
Detected Xorist Ransomware
-
Xorist family
-
Renames multiple (2193) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-