General
Target: c7b28435ea73ca06b3154f32fb513ef8_JaffaCakes118
Size: 24KB
Sample: 240828-1k9q1axeqg
MD5: c7b28435ea73ca06b3154f32fb513ef8
SHA1: fc4527519915da6006c4d7f44fba4fbc01aedbf4
SHA256: 41e11c8bae6f51346da84349ca797f7d91c7ecf0f4e891186d5825d2c6996321
SHA512: 98a3ec33b0e6c6962efcbc615f4c8d9e8a3272b84535391aec2571aa0388fce3a886ec317b2d93cdc33e339f5f9130f4a413559d9f719f6f98c61c9fa92fd84b
SSDEEP: 384:T/ve65d3na6o8O5Iq6TPUksMkJf4xMXcqQIdWui4GGxGiPXi0kJYg5bnwnf8k0PQ:zd8g+Mq5tY4kegZn+Ejs
Static task: static1
Behavioral task: behavioral1
Sample: Picture20-JPG.scr
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: Picture20-JPG.scr
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: Picture20-JPG.scr
Size: 39KB
MD5: a071609653f78272ecea87819d48a081
SHA1: 8fa0a50dee94d52fbde27b47803f748bf4ee2666
SHA256: 7062694caf4bf29b51393428d26ff4ddc00fc9ea7f2980a71ceb51f8c1fb2de8
SHA512: 1cc89e050a7a277bffd8ae3f93f36860ac67c0e84656bb6146aa6de97ab13ca6199c574ae7b88288c2aacd6d171c178dcc1ad11781748c1694b0da4650152d80
SSDEEP: 768:wBcfatSaOLS1rSc4+pzdCkYCJbiU32Vkj/EV399X8D:wuSkStSV+FdCVsBtcX8D
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.