General
Target: 8d44ed00bd272ebd95d1acaf86f86ddb_JaffaCakes118
Size: 13KB
Sample: 240812-esmqjsygqh
MD5: 8d44ed00bd272ebd95d1acaf86f86ddb
SHA1: 594e80a2a26ab347aa1f540c775d690ed68da5b2
SHA256: acf7f0d23a9a2c2466a778d6e44a36f65af72f326b4a25ef82cae108abc22c4b
SHA512: 4b941df64ac7727b8df95923fff5579ebb5b67521fed8f90eea52e5d165702a92fc5c6a0f7d82094883485cc68826061972f20b2d30084434546f1be95632d40
SSDEEP: 192:0yEh4bJlnNdEIv1J/b9i7s4pwrARgZd1SrMksXgUdBOvAUPuDtwFWx3f/:Z04Vfdj9JT9uxRgZGz0glhPuDWWx3f
Static task: static1
Behavioral task: behavioral1
Sample: 8d44ed00bd272ebd95d1acaf86f86ddb_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 8d44ed00bd272ebd95d1acaf86f86ddb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 8d44ed00bd272ebd95d1acaf86f86ddb_JaffaCakes118
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.