General
Target
9437a397c463d44b7dcd3075d176d162_JaffaCakes118
Size
21KB
Sample
240813-wytvgsygld
MD5
9437a397c463d44b7dcd3075d176d162
SHA1
161f98d0bb9a1c4ffa35335422c977cfecca937e
SHA256
1a73b6be5fc6eede19b2702ab2adc816b9fa2131b1328984f502cb571785c078
SHA512
38ccbae953f77f35c7b614e041d4129decfca049ce69a1940790cbd886e98d6ba6f348c5204d1878f53c67dffaaf8c517defcc549190bcb73fbb63b7e0c02cbc
SSDEEP
384:O04Vfdj9JT9uxRgZGz0glhPuDWWx3fw7H4Vj9WnJd0/NssgCu+/:EdfTIvZ4UFsgCt
Static task
static1
Behavioral task
behavioral1
Sample
9437a397c463d44b7dcd3075d176d162_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
9437a397c463d44b7dcd3075d176d162_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
9437a397c463d44b7dcd3075d176d162_JaffaCakes118
Score
10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.