General
-
Target
beec20b0093e341b12889ebfe06c6c30_JaffaCakes118
-
Size
13KB
-
Sample
240824-s7qyeaygpk
-
MD5
beec20b0093e341b12889ebfe06c6c30
-
SHA1
1271373683832dcf5cab71c646004ff730176953
-
SHA256
54fc44699250fd6d1d3d30a9aa79ba8cf198efd5fd2b9c6aed2a1d6419537fa0
-
SHA512
9499832122cab005be082a6e0ed8fadf4f919710ce3d10c5b37e6c1142fe79b15e2c0eaec3c9583fa7644cd9159e8dfabbabefe4332eab5829f5347655fbb6d1
-
SSDEEP
384:LLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FYR:YSagh0Qu1UkKE7AF
Static task
static1
Behavioral task
behavioral1
Sample
beec20b0093e341b12889ebfe06c6c30_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
beec20b0093e341b12889ebfe06c6c30_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
beec20b0093e341b12889ebfe06c6c30_JaffaCakes118
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-