General
-
Target
921a0ddcfefbdcc72fbb08a26ba95d60_JaffaCakes118
-
Size
31KB
-
Sample
240813-h5cynazgkg
-
MD5
921a0ddcfefbdcc72fbb08a26ba95d60
-
SHA1
230abf5025c2ab043dced85aaafad46e5229d6bd
-
SHA256
2edfed706a7060979bcbbc22cd786f4a4bd8036aed972fd9a8501c7e4da52c09
-
SHA512
0210609349ce542d5241d3781f0d2e789302e32840949b176cbe0d23dbe041f452c2ae96a47873138cf4906c0fd3d36b01e7b34db9815e4cdcb342d0e3398944
-
SSDEEP
384:V04Vfdj9JT9uxRgZGz0glhPuDWWx3fd+7Hu:9dfTIvF
Static task
static1
Behavioral task
behavioral1
Sample
921a0ddcfefbdcc72fbb08a26ba95d60_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
921a0ddcfefbdcc72fbb08a26ba95d60_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
921a0ddcfefbdcc72fbb08a26ba95d60_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-