General
-
Target
a5bb17cadea141d0c25951bcecdf3f0c_JaffaCakes118
-
Size
12KB
-
Sample
241127-eafjhsskcr
-
MD5
a5bb17cadea141d0c25951bcecdf3f0c
-
SHA1
43d2f488c633a044614eec79fd9dc9ee2161e141
-
SHA256
9ab037a91607b907890c8086e7bb5812532ec8a6d334e802ffb6f8623927a1f8
-
SHA512
432722f190d25876ac9fcdaf88b61870585923263829d0f1e45904a3a29ac07d8a49ce1bb35dee7b2a9a801ee804a7c96196bfedcd8834749b59548079dbfc07
-
SSDEEP
192:e/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMtoMD:eebFNw4Pk1itKkpAjjI2YpdmtZD
Behavioral task
behavioral1
Sample
a5bb17cadea141d0c25951bcecdf3f0c_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a5bb17cadea141d0c25951bcecdf3f0c_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
a5bb17cadea141d0c25951bcecdf3f0c_JaffaCakes118
-
Size
12KB
-
MD5
a5bb17cadea141d0c25951bcecdf3f0c
-
SHA1
43d2f488c633a044614eec79fd9dc9ee2161e141
-
SHA256
9ab037a91607b907890c8086e7bb5812532ec8a6d334e802ffb6f8623927a1f8
-
SHA512
432722f190d25876ac9fcdaf88b61870585923263829d0f1e45904a3a29ac07d8a49ce1bb35dee7b2a9a801ee804a7c96196bfedcd8834749b59548079dbfc07
-
SSDEEP
192:e/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMtoMD:eebFNw4Pk1itKkpAjjI2YpdmtZD
Score9/10-
Renames multiple (2164) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Drops file in System32 directory
-