General
-
Target
9b3059c4886137a039ad4e5cb9018ab7_JaffaCakes118
-
Size
41KB
-
Sample
240815-xc25easbjp
-
MD5
9b3059c4886137a039ad4e5cb9018ab7
-
SHA1
4fc2147a07269023e29c30a3a0071caed5b17efb
-
SHA256
2c19952016bb7357e505904a8c8c5988d857c3b7d510f53af8c03b2ba4cc329d
-
SHA512
748340c5e5b329498109c7f455cb6a86fdebdcb01156ea135cc8074be73472b81381f66cd43c4eaf36fe04ffe691a6a5ba185a40b36cfa192c66b274ad19b86f
-
SSDEEP
768:PCtxsRLvrH1vkJfQgcB9qFhNzqo38VvzCvQj8AXhSiXQQXDMvdp8DkcedShKvP7Q:6TsRLvrH1vkJfQgcB9qFhxqo38VvzCvU
Static task
static1
Behavioral task
behavioral1
Sample
9b3059c4886137a039ad4e5cb9018ab7_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9b3059c4886137a039ad4e5cb9018ab7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
9b3059c4886137a039ad4e5cb9018ab7_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-