General
-
Target
8ee1883638638cb639cd1f11f1803efc_JaffaCakes118
-
Size
13KB
-
Sample
240812-qltq3axanf
-
MD5
8ee1883638638cb639cd1f11f1803efc
-
SHA1
7bb4898e66d9c0797a972b0b906537470e50626d
-
SHA256
d025b17f73ae9ed0862a42e10b9da5a681a48a9fae0fbed5afe4f953d7957a4c
-
SHA512
e7ba02377c975984ca52f3de880392a6ee32ca953d4829f31ca33257503bcd835e009df912dbcec3c4bdff5c9b3f26185b161accc49df48b82888221ac99d393
-
SSDEEP
384:1LOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:2Sagh0Qu1UkKE7AF
Static task
static1
Behavioral task
behavioral1
Sample
8ee1883638638cb639cd1f11f1803efc_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8ee1883638638cb639cd1f11f1803efc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
8ee1883638638cb639cd1f11f1803efc_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-