General
-
Target
9ce459e30d72e8fba500cdc4ff5b31b7_JaffaCakes118
-
Size
13KB
-
Sample
240816-epbtwavalg
-
MD5
9ce459e30d72e8fba500cdc4ff5b31b7
-
SHA1
ef0513e000ba33f12769cade31dd3f7383ad68ba
-
SHA256
22e7ef02816f598f5923568b5d30e8ca04cc0bdfda562d02621ad4d8795dd73c
-
SHA512
556ceec6210db14774d9f78e83e1462da743bcf4f59f0686776afd8f9047a15505091d59b16135934842ad1e7ca23934475b25078f8f93447383f44b8c84386c
-
SSDEEP
384:uLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:bSagh0Qu1UkKE7AF
Static task
static1
Behavioral task
behavioral1
Sample
9ce459e30d72e8fba500cdc4ff5b31b7_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
9ce459e30d72e8fba500cdc4ff5b31b7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
9ce459e30d72e8fba500cdc4ff5b31b7_JaffaCakes118
-
Size
13KB
-
MD5
9ce459e30d72e8fba500cdc4ff5b31b7
-
SHA1
ef0513e000ba33f12769cade31dd3f7383ad68ba
-
SHA256
22e7ef02816f598f5923568b5d30e8ca04cc0bdfda562d02621ad4d8795dd73c
-
SHA512
556ceec6210db14774d9f78e83e1462da743bcf4f59f0686776afd8f9047a15505091d59b16135934842ad1e7ca23934475b25078f8f93447383f44b8c84386c
-
SSDEEP
384:uLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:bSagh0Qu1UkKE7AF
Score10/10-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-