General
Target: c780dc7f6bc08f29480be0a535f2e5bb_JaffaCakes118
Size: 13KB
Sample: 240828-x6c3dasbjh
MD5: c780dc7f6bc08f29480be0a535f2e5bb
SHA1: 89bfa4c8a6d5552b57263d8965d74b302df8b92e
SHA256: 4339d0d1077329a093a56ca9588d133fd397e0794816dacd582cc34a56c246ee
SHA512: 4ecf6ddd75f45690a9dfdaa62b72350c63f7d9fa04861e92331b6d7aee8e7d7542bcb4e5f3e72126995e7f173ff3412e9f85ec566fc2946057c4d380e499e1e2
SSDEEP: 384:ZwLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:XSagh0Qu1UkKE7AF
Static task: static1
Behavioral task: behavioral1
Sample: c780dc7f6bc08f29480be0a535f2e5bb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c780dc7f6bc08f29480be0a535f2e5bb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c780dc7f6bc08f29480be0a535f2e5bb_JaffaCakes118
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.