General
-
Target
956dc5694f2c400b4830bd69a3118870_JaffaCakes118
-
Size
40KB
-
Sample
240814-kyy9esycnn
-
MD5
956dc5694f2c400b4830bd69a3118870
-
SHA1
22b5869fad11204ff66c78c0fb4473b00809e9a8
-
SHA256
77785041309afc31a9546a75a2bed3ae216718f2f1269b2ab7ced930b491d733
-
SHA512
178360069d4b9ff7d730501506eb6ee258ef8d20b9d0fb6247af0faf1270aeebde8edfc02d06917210854c63160e11c1493e96e181a6ca76d8cb20919e30b7bf
-
SSDEEP
384:P04Vfdj9JT9uxRgZGz0glhPuDWWx3f55V3wByX9y59KFaSSZN81VGKqLTVS3y8DN:HdfTIvwwsiuRSoVGjl8DFJzUgyV3C
Static task
static1
Behavioral task
behavioral1
Sample
956dc5694f2c400b4830bd69a3118870_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
956dc5694f2c400b4830bd69a3118870_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
956dc5694f2c400b4830bd69a3118870_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-