General
Target: 8d355ff62486806df6bd969bed96c325_JaffaCakes118
Size: 13KB
Sample: 240812-ee6lhatgqr
MD5: 8d355ff62486806df6bd969bed96c325
SHA1: 72992f936f1e88a0d89d9ed939ee5ef19f2d34ba
SHA256: 3c179c3aca407a17480467b0d08c37396271b9285b9afca6f3245020c4bb9e0a
SHA512: b42aec7b0e51da123751aee9d0ebe2c820f7a8c8b8d602bae1e76fe542450743bd1dcfab0f7765632e9889defbdbc4192e47e6bfb71f6e49201554ced1c590ef
SSDEEP: 192:zyEh4bJlnNdEIv1J/b9i7s4pwrARgZd1SrMksXgUdBOvAUPuDtwFWx3f/:O04Vfdj9JT9uxRgZGz0glhPuDWWx3f
Static task: static1
Behavioral task: behavioral1
  Sample: 8d355ff62486806df6bd969bed96c325_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 8d355ff62486806df6bd969bed96c325_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 8d355ff62486806df6bd969bed96c325_JaffaCakes118
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.