General
Target: 982002caf8a574ca503fbe12dd072b62_JaffaCakes118
Size: 36KB
Sample: 240814-3l2g5asbld
MD5: 982002caf8a574ca503fbe12dd072b62
SHA1: 083db1a54134430381f621699d52b20343311335
SHA256: 4599bc2527ad4889bb29aa0d38d06a6e8871df4f806ccb2ad5b352a4dae7d14b
SHA512: 50fbde9038671ff2476a09dca3b9ea6ba45da90eb1d883167bc899f83b4f51fbe3223f21ff9401f92e377fca42d883edf639338a687d9e5e6ce96648d0962a45
SSDEEP: 768:tBT/H3K6h8I+Cnf0+zRweP7JcaIktRbwYM4V:Da6hr+Cnc+zRwoizkTbwYVV
Static task: static1
Behavioral task: behavioral1
Sample: 982002caf8a574ca503fbe12dd072b62_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 982002caf8a574ca503fbe12dd072b62_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 982002caf8a574ca503fbe12dd072b62_JaffaCakes118
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.