General
-
Target
d057eba5efb4cd4e08f2ec6f2f857a5e_JaffaCakes118
-
Size
64KB
-
Sample
240906-ym6q1svemq
-
MD5
d057eba5efb4cd4e08f2ec6f2f857a5e
-
SHA1
83a0fe355bf515b774dbe46a9c8512674bf0394e
-
SHA256
4d2c05d9341274e2b2e474438b45c8614e79e4173478e4e646b8fdd5229893fb
-
SHA512
68eb09bac21f158697bc39fd0ee166fdc630c719ae7d2c8955ba660dd25a4c42abfda89d76d3164dd415420c952e9aa36057b7b81f3d9d6c6b49f6d4a768b3af
-
SSDEEP
768:EW3QCuYF4uxTBhtLoJFuJED3AnrD0NBHdqyUjmQ48sxbctIlgyh2ZyB7YhwAFv:EW3QZTYftGesjFQ4/ZcYzMZ/wAFv
Static task
static1
Behavioral task
behavioral1
Sample
d057eba5efb4cd4e08f2ec6f2f857a5e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d057eba5efb4cd4e08f2ec6f2f857a5e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d057eba5efb4cd4e08f2ec6f2f857a5e_JaffaCakes118
-
Score
10/10
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-