General
-
Target
7762a64dbffa9de2a30f90bce8fbdc6c_JaffaCakes118
-
Size
39KB
-
Sample
241028-dq1zqazbql
-
MD5
7762a64dbffa9de2a30f90bce8fbdc6c
-
SHA1
2ae65a013b91463396d55499da38bd766d463b55
-
SHA256
434f8b8ee5d146af677d5cc40ea9c3be75363bb7ade9af17d07c2273cabe6fa0
-
SHA512
46e43b6d511d4b0851d25a7704326cf1d6939ac7e4208c9d111fe6bfad4636e9bed16b68ea24af125e67c8ed8f5ed65084c528716c6360a19ee0212cd53a6292
-
SSDEEP
384:YNOaOwImAFEC9r/H04lnTXZUikSnm/UHNeCcTtZ6cd1wcLEknpC4COuRa+RdrpWR:FwkFR9rv08TZU6NeCu1bZLwYM4r
Malware Config
Targets
-
-
Target
7762a64dbffa9de2a30f90bce8fbdc6c_JaffaCakes118
-
Size
39KB
-
MD5
7762a64dbffa9de2a30f90bce8fbdc6c
-
SHA1
2ae65a013b91463396d55499da38bd766d463b55
-
SHA256
434f8b8ee5d146af677d5cc40ea9c3be75363bb7ade9af17d07c2273cabe6fa0
-
SHA512
46e43b6d511d4b0851d25a7704326cf1d6939ac7e4208c9d111fe6bfad4636e9bed16b68ea24af125e67c8ed8f5ed65084c528716c6360a19ee0212cd53a6292
-
SSDEEP
384:YNOaOwImAFEC9r/H04lnTXZUikSnm/UHNeCcTtZ6cd1wcLEknpC4COuRa+RdrpWR:FwkFR9rv08TZU6NeCu1bZLwYM4r
Score10/10-
Andromeda family
-
Andromeda, Gamarue
Andromeda, also known as Gamarue, is a modular botnet malware primarily used for distributing other types of malware and it's written in C++.
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-