General
-
Target
9db5904446b1e74829f05cd27504706e_JaffaCakes118
-
Size
13KB
-
Sample
240816-ks5h9azcqr
-
MD5
9db5904446b1e74829f05cd27504706e
-
SHA1
d22932fe72ed4d1710ab1f744e58c9f485000991
-
SHA256
e804cb0392b4d54b3c3758e52228cff75c03c6b1a077532a380a21cbe3b5c075
-
SHA512
152dee27bc4930495b11988b6d709d4c6e58b8124b0beb66c521afb3bacc12e5682927ff6131ebe915fe030f203285b4daec36bf021da90bb1a7cd20beb223a5
-
SSDEEP
384:0LOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY6:FSagh0Qu1UkKE7AF
Static task
static1
Behavioral task
behavioral1
Sample
9db5904446b1e74829f05cd27504706e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9db5904446b1e74829f05cd27504706e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
9db5904446b1e74829f05cd27504706e_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-