General
-
Target
9c776bab859bcd742fbbdb061f64d001_JaffaCakes118
-
Size
13KB
-
Sample
240816-b4nv7syald
-
MD5
9c776bab859bcd742fbbdb061f64d001
-
SHA1
ecb3a3c41d23273b663a91def07d77d7dfe297fa
-
SHA256
edba6481c92ab1e682e32b89d24574195b1928e0047675ee3b1bcbedc37ac536
-
SHA512
f1a022eec34d9abd6ff66968dfd5cec287fb2bdcbd3fb9a3390c8d7b671c037e5b389f46edf370664a0cdc886f53a06bc1c2dfcd354c1cc1312da22f3c991de6
-
SSDEEP
384:N0mRLpaLkDpeRy3zGsvsfm4lAilbqX6rwTbRi4Xz/4:LwRehvR4lAUqX6It5b4
Static task
static1
Behavioral task
behavioral1
Sample
9c776bab859bcd742fbbdb061f64d001_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
9c776bab859bcd742fbbdb061f64d001_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
9c776bab859bcd742fbbdb061f64d001_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-