General
-
Target
9c11f53798d611c22840b48b4897afa4_JaffaCakes118
-
Size
13KB
-
Sample
240815-3j1g2s1hrh
-
MD5
9c11f53798d611c22840b48b4897afa4
-
SHA1
3ff2619c18e9a6c42cb47787be06100c41472fc8
-
SHA256
69f3b186afdf32cff607ae9c5b6b0271a7641d4a462b6d1c7c202fec5011e904
-
SHA512
1eac57fbe6e7ec9953296feb84addd18db88d970c3561d315f02277730bcb59b1963164df922baf7a69fb085063ebd2be1e6f95afaeb34c638ab14d268e80de3
-
SSDEEP
384:v0mPcgX5rHRRZpMO5RcZrEOyaWk+7fYp8+mcpJj:3cgn9MO5RpTksfNncn
Static task
static1
Behavioral task
behavioral1
Sample
9c11f53798d611c22840b48b4897afa4_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9c11f53798d611c22840b48b4897afa4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
9c11f53798d611c22840b48b4897afa4_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-