General
-
Target
c4ba89e37b9f670c66979762faf0a6f2_JaffaCakes118
-
Size
86KB
-
Sample
240827-lfc4xatflh
-
MD5
c4ba89e37b9f670c66979762faf0a6f2
-
SHA1
362825697298a53813a8472503617c5d8693faef
-
SHA256
683f5edb11751b9f5ba161d7a6313bace2f6b504388ccad6b3d145ac6b779c99
-
SHA512
9a7ef024e485f1ce6d45ab2f4ed7a60f3000856d5d2e70086866b9d168bb1cfcc115ec59da5b91f4513a087f840de52564845c81019e7283340f8a741b235e4b
-
SSDEEP
1536:mVAIIeDcZJX9nSYVPPdYyYVWuTtelfmclehkyGlLfpL6pD4D7Lxr:r+DSxdYy4WuTtGZ4iyALfpLG4tr
Static task
static1
Behavioral task
behavioral1
Sample
c4ba89e37b9f670c66979762faf0a6f2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c4ba89e37b9f670c66979762faf0a6f2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c4ba89e37b9f670c66979762faf0a6f2_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-