General
Target: cc5d8b4eb46b9ca87136aa09ea0ca6ba_JaffaCakes118
Size: 14KB
Sample: 240831-hbx2qszgmp
MD5: cc5d8b4eb46b9ca87136aa09ea0ca6ba
SHA1: 37fb84cdf0e2264758f0a0c66db9fec31e14cca3
SHA256: 3270e50dae269a9b2e4d06bc7cbedd64aa040dfa606f76cb189200601585990b
SHA512: 3ef2cc2826ca4a2109675b8dad19ef38b7b234d3e7785492a42dee804d26b0344dda63b7c80b0e1cf8876a8c0d5e2051b66292fd7925a8d1f3448ece9bc9f6eb
SSDEEP: 384:t04Vfdj9JT9uxRgZGz0glhPuDWWx3f9vX:ldfTIvOvX
Static task: static1
Behavioral task: behavioral1
Sample: cc5d8b4eb46b9ca87136aa09ea0ca6ba_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: cc5d8b4eb46b9ca87136aa09ea0ca6ba_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: cc5d8b4eb46b9ca87136aa09ea0ca6ba_JaffaCakes118
Score: 10/10
Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.