General
Target: 9d5e640d9d05d7423614ac6a94c3d0f2_JaffaCakes118
Size: 12KB
Sample: 240816-hraw5svgqp
MD5: 9d5e640d9d05d7423614ac6a94c3d0f2
SHA1: bde52c0978d10696de145641337cab7b65dddab3
SHA256: 0217b260a6ccc86f003124917cea2188e36469a2d4117165e739f646bb83a2f0
SHA512: 8315d795989608b0b2d5544c558b7cd2ed04f305c3d4ac9c6206a50ca45dc7a0c7e74ffdb310fe7031f08c92f361025165c072afa3e07c0ca62903d664c50112
SSDEEP: 192:zGotRcCuc7JV37Ys4tlpb9b450y07CTt1I78qJ+H+kTVm/JS/tS8AF3Ukh1:KotRcCbJR7Ys4tvS50yxte7d8TVm/Ir0
Static task: static1
Behavioral task: behavioral1
  Sample: longroad.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: longroad.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: longroad.exe
Size: 13KB
MD5: c9e729582d7e932e0962a20703b5d9ce
SHA1: a246c40c20a71e7d95de4378fffdb791517f686a
SHA256: 1261dd1f32b4a905af92c844e582511385a055692936be4a420974bfdd3ee8c9
SHA512: 8f96e4ecf3de35ef689d4b4d96e8fe89cb16e908a6a546c96e44f700a0fa3dd17e57cc1b4a1bcb92bb6aaf953cfd290b8d4d3579795ba6dd3d23dc7845771e5e
SSDEEP: 384:BLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:CSagh0Qu1UkKE7AF
Score: 10/10
- Detects Andromeda payload.
- Adds policy Run key to start application
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.