General
-
Target
9a92db6145b6124b3807fc7a42e27544_JaffaCakes118
-
Size
13KB
-
Sample
240815-svaqnatcpj
-
MD5
9a92db6145b6124b3807fc7a42e27544
-
SHA1
00dd4fad95f50311dbf6d5c31952d1109251a3e5
-
SHA256
faef176595028136f77ce09c848b19464aef5c56e6bb4e5fd1988d11c604f324
-
SHA512
14d25afc01910d5ac5701734d1fae1c8ef7fb6eca33c1ee403db2df011283bd50c852a55bf2f1faf308ecad9ead72e24a4153dedd6e68c53f45b49b1b2438ef1
-
SSDEEP
384:bLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:ISagh0Qu1UkKE7AF
Static task
static1
Behavioral task
behavioral1
Sample
9a92db6145b6124b3807fc7a42e27544_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
9a92db6145b6124b3807fc7a42e27544_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
9a92db6145b6124b3807fc7a42e27544_JaffaCakes118
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-