General
-
Target
c5e27b41da3a34de8337f93a0bbd93a5_JaffaCakes118
-
Size
14KB
-
Sample
240827-2sl6caxcrq
-
MD5
c5e27b41da3a34de8337f93a0bbd93a5
-
SHA1
d5cd044abf022f85eb0d7a8c6cb041d8d6d6084d
-
SHA256
dc847a5589226f18ef694836af8c8f7b52d08e7096e8358220e66647833ed28c
-
SHA512
6b09376e183d25cbb3be59feea7398a8dceaf6b497fcfd9cfade7412988d10f9af9035b43f1b7b7cee3bc7035795614599500211e5e3e41e4a52697a1b4ca285
-
SSDEEP
384:c04Vfdj9JT9uxRgZGz0glhPuDWWx3fT3bE:ydfTIvWo
Static task
static1
Behavioral task
behavioral1
Sample
c5e27b41da3a34de8337f93a0bbd93a5_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c5e27b41da3a34de8337f93a0bbd93a5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c5e27b41da3a34de8337f93a0bbd93a5_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-