General
-
Target
a6705bc754bbb1c3c3600d6e4d297e6e_JaffaCakes118
-
Size
13KB
-
Sample
241127-hfcatsyner
-
MD5
a6705bc754bbb1c3c3600d6e4d297e6e
-
SHA1
d5818abb0278a33fd1256396793868686bc48ef7
-
SHA256
fa515d064b0ffbea92bfb205f08d942b634146051d58403ef67911ede3192f36
-
SHA512
e00ae3d4e7125e4919b375f66f9e42af783ad62970dce452bd67d786ddfe5717dcdbb95cd9c9a52534b7b417ec9788e8bcadbd9d5525ac96f75ff4dce25933ae
-
SSDEEP
192:q/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMMBSZCpxrX:qebFNw4Pk1itKkpAjjI2YpdmMBS8xrX
Behavioral task
behavioral1
Sample
a6705bc754bbb1c3c3600d6e4d297e6e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a6705bc754bbb1c3c3600d6e4d297e6e_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
a6705bc754bbb1c3c3600d6e4d297e6e_JaffaCakes118
-
Score
9/10
-
Renames multiple (2161) files with added filename extension
This suggests ransomware activity, i.e. encryption of all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-