General
-
Target
c1ef56cc78d5178d3c655e9cd8a7f811_JaffaCakes118
-
Size
13KB
-
Sample
240826-a2k6vswgqj
-
MD5
c1ef56cc78d5178d3c655e9cd8a7f811
-
SHA1
83b374e767c1aae8126b1c61551903ccef128283
-
SHA256
918ac67b6307be0cc649387481107844b4549363109d469c5e39197be29319ea
-
SHA512
315dd3b934bf7da47e0d47ffc0e853e8f95340bbde3493d19fec99d1ff0ebb9957e4562d26d58309403f30c025e442672bcd7ef473fff0393d9ba22612a3a3c3
-
SSDEEP
384:b0mdfzQMfTq8cPfxUJ/MOg0U7FrSGs3JqkBIPU2zy0:5LQMrS3ZSB3JJIR+0
Static task
static1
Behavioral task
behavioral1
Sample
c1ef56cc78d5178d3c655e9cd8a7f811_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c1ef56cc78d5178d3c655e9cd8a7f811_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
c1ef56cc78d5178d3c655e9cd8a7f811_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-