General
-
Target
78b8376448274a254dab8c2b753cba3b_JaffaCakes118
-
Size
363KB
-
Sample
241028-knnd6ssngv
-
MD5
78b8376448274a254dab8c2b753cba3b
-
SHA1
c3465f85d2952f16b15659ed091082eeaf755846
-
SHA256
cf4a1a733aa5f9184cff122edb817f5c2dbacff9ff3dbf661f6cb2d1a191c3fb
-
SHA512
bb30fa58907bd7813ab1f9b082e81fb91a0e199b252284d368e3c2813615bfc30e6c2e461e19a9541733bc09743e5d17ad4ef524a72436df807c829e50af7c00
-
SSDEEP
6144:UY/hqaY3W3TATmNeZL249z2kiiwsLCcBtlA1+cGXQ1:UYZLkTmNMT9rPwsL5vy2U
Behavioral task
behavioral1
Sample
78b8376448274a254dab8c2b753cba3b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
78b8376448274a254dab8c2b753cba3b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
78b8376448274a254dab8c2b753cba3b_JaffaCakes118
-
Size
363KB
-
MD5
78b8376448274a254dab8c2b753cba3b
-
SHA1
c3465f85d2952f16b15659ed091082eeaf755846
-
SHA256
cf4a1a733aa5f9184cff122edb817f5c2dbacff9ff3dbf661f6cb2d1a191c3fb
-
SHA512
bb30fa58907bd7813ab1f9b082e81fb91a0e199b252284d368e3c2813615bfc30e6c2e461e19a9541733bc09743e5d17ad4ef524a72436df807c829e50af7c00
-
SSDEEP
6144:UY/hqaY3W3TATmNeZL249z2kiiwsLCcBtlA1+cGXQ1:UYZLkTmNMT9rPwsL5vy2U
-
Detected Xorist Ransomware
-
Xorist family
-
Renames multiple (2885) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-