General
-
Target
ccfee9b6d0f7751356ebe26987c2467a_JaffaCakes118
-
Size
13KB
-
Sample
240831-r2bqvsyeja
-
MD5
ccfee9b6d0f7751356ebe26987c2467a
-
SHA1
ce9da6687de8889c58478edea203edae722e75d8
-
SHA256
46e17503c606aa4e3e5d4e0ec8b94d62d76e01546e3a1d5b72c1e1c94f9a0b32
-
SHA512
5a43a71c10f436a4d4b8274b3804b8083578a10e4d0c63811d0c32f6e93aeebe957605f6a4cf19bdfd07412a46bad3054c36c1b7dab590a30dc8dff479c900a1
-
SSDEEP
384:ULOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FYk:lSagh0Qu1UkKE7AFl
Static task
static1
Behavioral task
behavioral1
Sample
ccfee9b6d0f7751356ebe26987c2467a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ccfee9b6d0f7751356ebe26987c2467a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
ccfee9b6d0f7751356ebe26987c2467a_JaffaCakes118
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-